[calloc]

This. I was trying to explain to my co-workers that this issue has existed for as long as the web has existed and they didn't really understand what I was talking about.

Not until they saw a demonstration video did they believe that it was as bad as I was telling them it was. It is hilarious as a security guy watching "new" exploits come out and watching them go into serious mode since this is a new exploit and it is a bad one and it is going to cause doom and whatnot.

If you can't trust the connection you are on, then time to not use said connection or VPN somewhere. Plenty of places to find hosted VPN services.

[pinko]

> Plenty of places to find hosted VPN services

Care to recommend one? I've had a few unsatisfactory experiences (terrible bandwidth, unreliable servers, etc.) and would love a good recommendation.

[quinndupont]

I've had good success with BlackVPN. Here's my review (with referral code to get us all free time!): http://www.iqdupont.com/blog/2010/4/19/blackvpn-review.html

[modoc]

Have you tried these guys: https://www.goldenfrog.com/vyprvpn/vpn-service-provider

[Anelly]

ibVPN is as good as vyprvpn but is cheaper and has more servers http://www.ibvpn.com/ + it provides free accounts weekly

[acqq]

> find hosted VPN services

So have you solved your problems if you use third party VPN to do the encryption between you and the third party and the mentioned third party also conveniently has your whole data stream unencrypted, no matter from where you connect?

[calloc]

If I get a VPN somewhere I would make sure I trust that endpoint to some degree. Just like I won't be caught surfing on public wifi I don't mind surfing from my home connection as I trust that there is a bit more protection than on a public wifi.