Firesheep is a Firefox add-in showing how insecure HTTP sessions are
When you access a website to enter or view sensitive information, it's important that the site use https (which creates an encrypted SSL session) rather than standard http sessions. SSL encryption is especially important and mandatory for banking or any e-commerce transactions.
With Firesheep All Your HTTP Sessions Are Belong To Us
QUOTE: If you didn't already know that plain HTTP sessions are utterly insecure, here's proof: A new Firefox addin named Firesheep captures sessions on open Wifi networks and goes one step more sinister. It finds users logged into Facebook, Twitter, Google, Amazon, Dropbox, Evernote, Wordpress, Flickr, bit.ly and other services. It lets you take over their sessions and become them.