I found a utility that allows a non-server version of OS X run the VPN server that is inherent in the OS (you could do it manually if you knew which files to create/edit). I'll post a link to it on here when I next can. Suffice to say, I ran up a VPN server on my Macbook Pro and was able to configure the iPhone very simply to VPN tunnel to it and then off into the big blue yonder of the Internet. Piece of cake really.

I know setting up a VPN Server in Windows XP is not too difficult, and some routers will do same, allowing you to VPN into your LAN from elsewhere, and then back out to the Internet if you want/need.

Given the overall weakness of passwords being sent in the clear (where non https:// is being used) it makes perfect sense to safeguard against the obvious dangers.

This is not just an iPhone issue though - anywhere where you access accounts with username/password being sent in the clear you place yourself at significant risk of identity capture and subsequent fraud.