Marco.org

Incidental Thinking: “So you have a laptop with a wireless card. You are able to go downtown to the local coffee shop or a hotel and hop on their wireless network to get online. The only problem is that open wireless networks aren’t secure. […] if someone at the same location knows how to, they can view all of your activity including any passwords you type in.”

That’s partially right, but you’re forgetting about the beauty of SSL. Anything sent via SSL is immune to man-in-the-middle attacks like what you describe. SSL, indicated by “https://” and the padlock icon in most browsers, is used by all banks, PayPal, Amazon, eBay, and pretty much any other site that needs any security at all.

The marvel of SSL, and public-key cryptography in general, is that it can establish a secure communication channel on a public network without any prior exchange of information between the two parties (like a secret password). It doesn’t matter if your entire session is recorded by someone else - they’re not getting your bank password.