Speaking generally, you can't sniff transmissions between a client and a bank server since the communication uses public key encryption. That said, SSL is still vulnerable to man-in-the-middle attacks - beware of notices/alerts about unrecognized certificates.
Regarding privacy on non-HTTPS websites, it depends on how your network is set up. If it's a standard WPA2 setup then all of your unencrypted traffic is visible (easily) to anyone who is in transmission range of your computer and has the WiFi password. You can install HTTPS Everywhere from EFF (https://www.eff.org/https-everywhere) which helps secure your communications on many common websites - Facebook, Twitter, etc.