The Internet is not (and has never been) secure

Wired: Someone’s Been Siphoning Data Through a Huge Security Hole in the Internet

Read the above article for a fascinating description of how hackers can (and sometimes do) redirect internet traffic, making it easy for them to snoop. The article cites recent incidents where domestic US internet traffic was redirected through several countries on its path from source to destination, presumably so the people who installed the corrupt routing table entries could take a look as it goes by.

Just in case you were under some illusion that the internet is secure, this should demonstrate clearly that it is not. Forget the NSA, this can be done by just about anybody who can write software and understands how the global internet operates. If your data isn't encrypted, then it isn't private. Period. This include your web sessions, your e-mail messages, passwords, etc. If you're doing something that you wouldn't want criminals in other countries to see, make sure it is over an encrypted channel.