Originally Posted by Zarf4

HTTPS connections do a quite good job protecting packets, but they don't protect you from tainted DNS servers (i.e., you enter "www.citibank.com" and the bad DNS resolves you to a phishing site which masquerades as the HTTPS version of the original). About 2 years ago I was in a major Vegas hotel and saw that Hotmail resolved to a private 10.10.x.x address instead of over the public internet.