I taught computer networking for 20 years, and I've never understood the concern about using SSL over a public network. If the site you're connecting to (ie, bank) has a valid certificate from a reliable certificate server, and the connection between your pc and the bank is fully encrypted with reasonably current technology, like 256bit AES and such, what's the concern? It gets kinda involved, but your pc encrypts data with the bank's public key, and can ONLY be decrypted with the bank's private key, which the bank NEVER releases. It's encrypted from my pc all the way to the bank. The encryption actually creates my own little private encrypted "tunnel". So what if the packets go over a public network just loaded with hackers running sniffers? They'll get packets full of garbage, whether my wifi connection (ie, Starbucks) is encrypted or not. If the encryption techniques used by banks today don't provide secure, reliable encrypted connections, then there's nothing we can do, and we'd better just use the phone or snail-mail from now on.
