Right... which is why he didn't mention wireless networks...

That's like saying, yes SQL injection is powerful, but it doesn't work on CSRF vulnerabilities -- complete non sequitur.