This article shows hot spot exploits...and ways to validate SSID's however how many people actually do that...
http://www.ethicalhacker.net/content/view/66/24/
This is kind of scary for anyone using a hot spot.
The question is...what can Starbucks and T-mobile (among other popular hot spots) due to protect users of hotspots from this type of attack?