I have an open anonymous wifi setup that doesn't allow eavesdropping.
I have an ADSL/wifi router as my primary access point. It provides a WPA2 encrypted network for my own laptops. Then I have an old secondary wifi router plugged to that one over ethernet. It offers another passwordless network and has some bandwidth-limits in place, does NAT, and provides another subnet over dhcp to anonymous users. You can't use the secondary network to eavesdrop on what happens on the primary router.
When I'm out travelling and find an anonymous wifi myself, I just ssh to my account at a unix box, forward the connection to a remote http/s proxy to my laptop and thus route all my web traffic over ssh via a trusted exit node.
I have an ADSL/wifi router as my primary access point. It provides a WPA2 encrypted network for my own laptops. Then I have an old secondary wifi router plugged to that one over ethernet. It offers another passwordless network and has some bandwidth-limits in place, does NAT, and provides another subnet over dhcp to anonymous users. You can't use the secondary network to eavesdrop on what happens on the primary router.
When I'm out travelling and find an anonymous wifi myself, I just ssh to my account at a unix box, forward the connection to a remote http/s proxy to my laptop and thus route all my web traffic over ssh via a trusted exit node.