I pushed for us to use only open source wifi drivers in our product because I had heard the proprietary drivers have highly questionable hacks, which improve ideal-world isolation-chamber benchmark conditions at the cost of real life performance.
Not too surprisingly, now that we're using open source drivers, we start getting patches from $VENDOR to do exactly those kinds of hacks to the open source drivers.
Today's awesome example: a patch that, after the first 1000 ACKs in a given TCP session, starts dropping all but every 3rd ACK. This is because return TCP ACK traffic is a significant fraction of your airtime, so things can go quite a bit faster if you have fewer of them.
Sending fewer TCP ACKs is actually a real area of research. But just blindly doing it after 1000 ACKs is I'm sure not what the TCP people had in mind. This optimization is pretty much a pure speed improvement for iperf in great network conditions, but is likely to severely confuse TCP if there's any kind of loss or variable latency.
...of course, people don't test for loss and variable latency when they're choosing wifi vendors. We sure didn't.
ssh+2FA to all your machines, anywhere, without opening firewall ports.