George Ou has an excellent write-up about how insecure Web 2.0 applications are over WiFi. The problem? Unencrypted traffic which can be recorded, analyzed and used against you. He starts with a basic example of a Gmail account getting hijacked. Even worse, using this technique you can potentially have your home address and your e-mail known to others who are lurking nearby and recording your traffic. Imagine the ramifications on municipal WiFi. Is a municipality liable if traffic on their network is hijacked and used to commit a crime?
Certainly we are entering scary times as new tools are being developed to exploit unsuspecting WiFi users. This scenario perhaps only bodes well for wireless service providers who sell wireless broadband cards which are encrypted and so far immune to such problems.