[mirashii]

No, they're not.

1) Your mac address is available to even passive sniffers without the key to an encrypted network. In some circumstances you don't even need to be connected to a network to grab someone's mac address (iPhones in particular love looking for networks loudly).

2) FTP and AIM passwords can be changed. Yes, a passive sniffer on the same network can still get them, but this is a significantly harder task than getting someone's mac address, and there's no way to change the goal.

3) Brute force attacks become within the realm of possibility. Have someone you know has an iPhone 5 and uses WhatsApp? The first chunk of the mac address is assigned by vendor, so you've already narrowed the search space down drastically by half to needing to guess 6 hex digits.