Many governmental and military agencies and offices, as well as contractors, have easily detectable Wi-Fi networks: Reporters from Federal Computer Week wardrove and found networks everywhere, often run in contravention to official policy or without safeguards that are mandatory. Unfortunately, the article suffers from a giant gaping hole: the authors never mention it, but to avoid prosecution, they appear to have only passively sniffed data and not examined the contents of packets. So we don't know whether these access points are really as secure as the various parties they contacted told them they were: behind firewalls, encrypted, authentication--what have you.
In fact, the conclusion at the end of the article that T-Mobile's network is more secure because it uses 802.1X is somewhat misleading and inaccurate. T-Mobile has both open, gateway-based authentication and 802.1X on the same network; they haven't switched over. And 802.1X provides a mechanism to serve out an encryption key to wireless clients that only secures the link from client to access point, not out to the Internet or a remote office. If a government contractor is using a totally open, accessible network that has a firewall and requires a VPN tunnel to pass through, then it's much more secure as an end-to-end session than T-Mobile's network.
Further, 802.1X isn't better than WEP. 802.1X is an authentication method; WEP is an encryption method. 802.1X can employ WEP or WPA; T-Mobile is using WPA, so in that sense alone is it better than WEP. Whether they use WEP or WPA, 802.1X only allows them to serve wireless clients with an encryption key for the wireless link.
It's clear that government like private industry must take measures on their wired network to prevent the easy addition of Wi-Fi access points. Really, 802.1X could be used just as effectively on a wired port as on a wireless one: by requiring 802.1X, no unauthenticated clientless device would work on an Ethernet network.