BudMan, on 26 February 2013 - 15:17, said:
More worried about local wifi sniffers, that quite often could be kids just out for some lulz, etc. Now those can be mitigated with a secure connection across the open wifi like vpn or ssh tunnel for browser traffic, etc. But if best practices where followed, the login info would be secure anyway - which would reduce the risk of some kids out for some fun using a browser addon and simple wifi sniff. Again I am not too worried about someone sniffing my traffic while at home or work, etc. Or place of business that has a secure wifi connection.
Your worries are right but I'm afraid it isn't just as easy as securing the connection, adding server certificates. There are network flaws which simply can't be fixed, this is because of the RFC's related to the OSI Stack.
A hacker could join onto a public hotspot and essentially hijack all the popular websites he'll see results on. This could be Facebook, Amazon, Best Buy whatever. These websites will all have SSL certs, security measures in place. When he hijacks a website, the SSL certificate is in-tact (if done properly) and everything should appear fine, again if done properly. The hacker will still take logins, credit-card details. There's just nothing you can do. Even a security minded individual would have trouble spotting it. I wouldn't know.
So in terms of Neowin being secure, I know IPB is very good in that area. Regarding SSL, it wouldn't even be necessary. For the guys, it would more so be there just to make the people visiting feel happy.
Also, to reflect on the hacking technique I mentioned above, this would have to be planned and developed with quite a bit of time and effort. I wouldn't worry about joining your local Starbucks wifi anytime soon.