Rui Carmo
Interesting, in the sense that it means that I need to take a long, hard look at MobileMe traffic and figure out how some stuff is transferred (namely contacts and portions of interaction with webmail, since e-mail address harvesting might still be a risk). But even if they’re encrypting some of the data, it doesn’t let iDisk off the hook.
Update: it seems I needn’t bother. There are plenty of people out there willing to investigate this, and debunk any pseudo-security claims.