apparently a lot of services that require a login still handle the username and password as plain text, making it relatively easy to get with a sniffer. i remember a nifty exhibit concerning this at defcon, it was called the "wall of sheep". anyway, i want to know:

1. what services still send passwords out in plain text? if i log in to any web interface that isnt using https or some encryption layer(message boards, web mail, etc.), is my info just being sent in plain text? what about a pop3 email account or a video game like world of warcraft or guild wars?

2. what can a i do about it? is there some kind of personal encryption layer that i could use? i'm not sure if that would work because the server would have to decrypt it on other side.