Originally Posted by
star_world
The use of SSL is much, much more widespread than that. And to look at this from a different angle - if it was as easy to capture cookies and login details like this from mainstream websites they just wouldn't be useable. Look at the vast numbers of people that log in every day from Starbucks, McDonalds, airports around the world, etc. all without encryption on the wireless link. How many of these people regularly use VPNs?
Sure, SSL is widespread. I was talking about unencrypted sites like FlyerTalk.
SSL is not the same thing as encryption on the wireless link. SSL (actually most modern browsers use TLS now) encrypts traffic from the web browser to the web server. Wireless encryption just encrypts the wireless network itself.