me thinks you are assuming a lot thinking that by YOU using only https, you are fully protected, even the httpsEverywhere people will tell you that unless ALL points between you and the target surver are secure....things can and will go awry...pages will often appear different using https as opposed to http, as some apps do not play well in the https world. Certainly most of the payment/ordering transactions are handled via https...but that information is NOT the only information that I would want protected. Often times you have signed in and authenticated in the clear to a non https server, before being trounced to a secure server...
read up on man in the middle, spoofing, and end to end encryption....certificate fraud, mispellings on certificates, etc
it is also very important to SIGN out, just like you sign in and clear/close the screen or session...persistent cookies and sessions...
then there is the whole unsecured wifi...NEVER use a network that YOU don't know personally to transact business or personal information transactions. They are a meat market for hackers.
As touch free credit cards, credit card apps, and 100% info on your smartphone become more useful, the hackers will move there quickly, as security is no longer important to the seller....it SHOULD be for the user, but most users don't know the first thing about securing their device, let alone the myriad apps that pump their information to an increasingly insecure infrastructure.
The only valid assumption is that all public/free wifi networks are not protected in any way at all, or worse, are a collection point for YOUR information. Use at your own risk, no one is protecting your data, ever....worse outside the states...as the rules and requirements are either non-existent or different than those of the US
Last edited by kd3pc; 02-17-2012 at 11:08 AM.