This is a really valid point but good that the changes in V4 are being made, as I was wondering today how long it will be before WPA/WPA2 is compromised just like WEP was, especially on consumer grade routers (i.e the easiest route onto said network).
However, whilst a home / domestic network is possibly the easiest to bust, it's probably the least likely to be of interest to serious tealeaves I suppose.
What would be interesting are sites with poorly setup guest access via wifi, commercial type places, that use such IoT products. Once access to the network is gained via friendly means (i.e daytime) it would be no trouble to return at night with wifi access from outside the premises...