As i sit here putting in a couple hour session using Alexandria's free WiFi (http://www.wirelessalexandria.com) after checking out the Art Festival, I can't help but wonder how vulnerable my information is.

I'm thinking I should be using a software firewall--e.g., Zone Alarm. Is this line of thinking correct? Is there anything else I should do? What specific risks are there to using this public, unsecured internet?

The danger of using an unprotected WiFi network is that all of the information is sent out into the air for anyone to see. Anything sent unencrypted (called plaintext or cleartext) could be captured and read by anyone interested.

For example, if you login to 2+2, which uses plain text HTTP, someone could grab it. Logging into a site that uses HTTPS (SSL, you should see a lock icon in the browser) and your passwordis not as vulnerable. However, this could be a big deal if you use the same password in multiple places (like 2+2 and your bank), so don't do that.

Another thing to note is that when you use a public open network, it may be spoofed. Someone sets up their own access point with the same SSID, you login into it. Now they can spoof a popular site like eBay, and possibly trick you into revelaing your username and password.