1. If you're having trouble with WPA2, it's an implementation issue. There's no reason that WPA2 shouldn't work as well or better than WPA. In some silicon, AES-CCMP encryption can work faster than TKIP. Check for firmware upgrades on adapters and APs.
2. TKIP keys cannot be extracted by any known methods. Short TKIP and AES-CCMP passphrase-based keys are vulnerable to brute-force dictionary attacks, typically based on precomputed common SSIDs. A key of 10 or more characters is probably fine; 20 random characters is beyond computation in this universe. 63 is just silly.
3. The TKIP exploits are particular to AES-CCMP and don't recover the key, nor does any particular key length prevent the exploit. The exploits rely on a set of givens (such as 802.11e/WMM being available and enabled on a router), but this latest exploit that I link to uses the integrity checksum to extract a packet delivered to a client in the right circumstances.
4. This attack could be weaponized, but it's a proximity attack, so the yield is very, very low in such attacks.
That comment is halfway between troll and truth.
That only works for short passwords using dictionary words and common alternatives--typically eight characters or fewer. Yes, you can get precomputed dictionaries for common SSIDs, and you can even use a new service to do some computation.
However, move to 9 characters of random text (&fa^g_!80) and a unique SSID ("My little pony's network"), and all bets are off to computing the result in anything like a usable period of time.
TKIP and AES-CCMP remain strong for long, strong passwords, long being 10 or more characters, but 12 to 20 is best.
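An added illustration, not part of the original comments, of why precomputed dictionaries are tied to an SSID and why passphrase length matters: WPA/WPA2-Personal derives its 256-bit key with PBKDF2-HMAC-SHA1 (4096 iterations), using the SSID as the salt. The SSID "linksys" and the guess rate below are constructed assumptions; the passphrase and the other SSID are the ones quoted above.

```python
import hashlib

PRINTABLE = 95  # printable ASCII characters (codes 32-126) allowed in a passphrase


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit pairwise master key from a WPA/WPA2 passphrase."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    # The SSID is the salt, so a table computed for one SSID is useless for another.
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32
    )


def years_to_exhaust(length: int, guesses_per_second: float,
                     alphabet: int = PRINTABLE) -> float:
    """Worst-case years to try every random passphrase of the given length."""
    seconds = alphabet ** length / guesses_per_second
    return seconds / (365.25 * 86400)


if __name__ == "__main__":
    passphrase = "&fa^g_!80"                 # example passphrase from the comment
    unique_ssid = "My little pony's network"  # example SSID from the comment
    common_ssid = "linksys"                   # constructed: a typical default SSID

    # Same passphrase, different SSID: the derived keys share nothing.
    print(common_ssid, wpa_pmk(passphrase, common_ssid).hex())
    print(unique_ssid, wpa_pmk(passphrase, unique_ssid).hex())

    rate = 1_000_000  # assumed guesses per second, for illustration only
    for n in (8, 9, 10, 12, 20):
        print(f"{n:2d} random chars: {years_to_exhaust(n, rate):.3g} years")
```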
That's not as limited as it sounds. There are perhaps hundreds of millions of routers running versions of embedded Linux, and WMM/802.11e may be enabled by default on many of those!
I wrote a long article for Ars Technica nearly a year ago that looked at the past, present, and future. The reality hasn't changed much since then.
Most so-called municipal Wi-Fi projects involved a handful of companies absorbing all the initial network cost in exchange for some to no city business and access to citizens for coverage. EarthLink, MetroFi, Kite, and AT&T were the most prominent. EarthLink got out of the business; AT&T still does some metro-scale networking (Riverside), and MetroFi and Kite shut down.
There are a ton of networks run entirely or nearly so for public safety and/or municipal purposes that have been very successful in Oklahoma City and elsewhere.
Theory is gray, but the golden tree of life is green. -- Goethe