Old news, but in case you missed it - http://www.informationweek.com/news/security/client/showArticle.jhtml?articleID=228000481&cid=RSSfeed_IWK_All

In a nut shell - do not login anywhere using public WiFi (gmail is one of exceptions), it became very easy to get your access (and do not be fooled by secure login page, it is not enough)

P.S. Just checked top 4 - none of tools that are supposed to help with the problem will help

The problem isn't really wi-fi per se, it's that some sites don't use encryption (HTTPS/SSL).  If the traffic to a web site isn't over SSL, it could potentially be eavesdropped at any point in its trip through the internet.  Obviously when you're on a small hub with 3 other people in a coffee shop, the amount of traffic is small and it wouldn't be too difficult for a hacker to sort it out; whereas someone trying to eavesdrop on the traffic on a fiber optic cable downtown has a much bigger challege.  But if the data isn't encrypted the possibility for eavesdropping is there.   Facebook is constantly being changed and extended and security isn't their top priority; I definitely wouldn't put my VISA number on a Facebook page     But a big-time banking site is probably safe to use from anywhere.