rowan

pstation was making the point that someone could have set up an access point that claimed to be the hotel's, but was really some sort of proxy that presented its own pages (and captured the data submitted) for certain sites. How many people check that they're on https://www.epassporte.com/ (note the S) before logging in?

If you must use public wireless then for heaven's sake set up a VPN with a server back at the office so that everything is encrypted, not just content to/from https:// URLs... in the case of SSL sites it's then double encrypted.