Certificate misconfigurations of the EAP protocol in Eduroam (and likely other networks globally) threaten Android and Windows users.
https://threatpost.com/misconfiguration-university-wifi-login-credentials/175157/
A researcher was able to crack 70 percent of the gathered hashes in an experiment in a residential neighborhood.
https://threatpost.com/war-driving-wi-fi-password-cracking/175817/