Firesheep

Security experts recommendation for users to subscribe to a VPN service isn't practical...even if there weren't the possibility that someone might grab that cookie as it leaves the VPN server for the destination. I just can't see many ordinary users shelling out money for a VPN service, setting it up on their laptops and using it. whatever the final solution is, it's going to have to be an end service fix, and transparent or nearly so, to get most folks to adopt using it.
Firesheep's site here.