I do a fair amount of development while seated in a Starbucks. I don't often drink the coffee or eat the food, but I do connect to the Internet using their fine T-Mobile HotSpot service. Up until last week, my HotSpot connection was a regular old unsecured AirPort connection. That meant that much of my traffic was sniffable by others in the vicinity. I didn't like that much, so I did a little digging. T-mobile offers Connection Manager software for Windows users which solves this need, but no love for OS X users, though.
There was one sentence in the T-Mobile security policy that suggested that a secure connection was possible without Connection Manager. So I called tech support and they were astonishingly helpful. The tech walked me through an Internet Connect setup which resulted in me connecting securely via TTLS. The basics of the process are: Open Internet Connect and add a new 802.1x configuration. I also had to click the Configure button for TTLS and enter PAP as the 'TTLS INNER Authentication.' The other authentication methods are left as default. After setting everything up, the end result looked like this. The process is a bit complex, so you might want to call them if you're unsure of anything in that screenshot.
Mac OS X Hints
http://hints.macworld.com/article.php?story=20070813194333218