The easiest way to defeat browser-sniffing, privacy-eroding hacks like Firesheep is to use an encrypted connection for sensitive stuff. Hotmail is helping out by activating an "Always use HTTPS" option that covers your entire email session.
If you're a Hotmail user, simply add an "s" when connecting to Hotmail on the web (https://hotmail.com). You'll be prompted to sign in, and then get a quick explainer about connecting to Hotmail and its associated calendar/contact services through an encrypted connection. If you choose the Always Use HTTPS option, you'll then be told that HTTPS could mess up your connection through Windows Live Mail, Outlook or other non-web clients, which is something of a bummer. But you can always activate a secure connection temporarily by adding the "s" to your connection, especially when you're out in public. Gmail now makes HTTPS a default, and one would hope the (larger) Hotmail service would do likewise down the road.
Hotmail (HTTPS) [via a href="http://www.downloadsquad.com/2010/11/06/hotmail-adds-full-session-ssl-for-more-secure-webmail/">Download Squad]