This pilot fish and his wife are planning a long-overdue vacation to an all-inclusive resort — one of those places where you don't have to worry about things like meals or tipping.

"I log onto the resort's website in order to make some reservations ahead of our arrival," fish says, "and am presented with the standard registration page."

He enters his information on the page, which also asks "for security reasons" that he set up a password.

It's not until after he has clicked "OK" that fish looks at the icon in his web browser and realizes the page isn't encrypted. He does a quick browse of the source code for the page, and finds that there's no SSL anywhere securing the data he's just typed in.

To read this article in full, please click here