| www.rodneybeede.com | "I would love to change the world, but they won't give me the source code" - unknown |
This isn't a problem if the user types https:// into the address bar first, but most users don't, so a site like your bank or Gmail will normally answer the plain http:// request with a redirect to the https:// site. sslstrip takes advantage of this: sitting in the network path, it intercepts that plain HTTP request and stops the secure redirect which most servers.
The solution to this is called HSTS (HTTP Strict Transport Security). The server adds a Strict-Transport-Security header to its response, and the browser then remembers, for the max-age the header specifies, that this host must only ever be reached over https://; any http:// link or typed URL for that host is rewritten to https:// before the request leaves the browser, no matter what the server's response HTML says. Neat idea.
One catch, of course, is that sslstrip or another program could just remove the HSTS header from the server's response. Worse, the browser only honors the header when it arrives over HTTPS, so a user whose very first visit to the site is intercepted never learns the policy at all. Google currently prevents this by simply hard-coding into the browser (Chrome's HSTS preload list) the sites that are known to reply with the HSTS header (e.g. PayPal, Gmail). This isn't scalable, so one proposal is to move the HSTS requirement into DNS, protected by DNSSEC, instead.
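To make the two points above concrete (the browser remembers the header and upgrades later http:// URLs, but a header that only ever arrives over plain HTTP, or is stripped before the browser sees it, never takes effect), here is a small model of browser-side HSTS state. It is an added illustration written for this page, not code from the original post or from any browser; the `HstsStore` class, the `parse_sts` helper, the host names and the preload dictionary are all hypothetical, and the behaviour follows RFC 6797 (ignore the header over insecure transport, honour max-age and includeSubDomains, max-age=0 clears the entry).

```python
"""Toy model of a browser's HSTS store (RFC 6797). Illustration only;
not the original post's code and not any real browser's implementation."""
import time
from urllib.parse import urlsplit, urlunsplit

# Hypothetical stand-in for a browser preload list: host -> includeSubDomains
CONSTRUCTED_PRELOAD = {"paypal.com": True}


def parse_sts(value):
    """Parse a Strict-Transport-Security header value.

    Returns (max_age_seconds, include_subdomains), or None when the header
    is malformed (no max-age, a duplicated max-age, or a non-numeric value),
    in which case RFC 6797 says the browser must ignore the whole header."""
    max_age = None
    include_subs = False
    for token in value.split(";"):
        token = token.strip()
        if not token:
            continue
        name, _, val = token.partition("=")
        name = name.strip().lower()          # directive names are case-insensitive
        val = val.strip().strip('"')
        if name == "max-age":
            if max_age is not None or not val.isdigit():
                return None
            max_age = int(val)
        elif name == "includesubdomains":
            include_subs = True
    if max_age is None:
        return None
    return max_age, include_subs


class HstsStore:
    """Remembers which hosts must only be fetched over HTTPS."""

    def __init__(self, preload=None, now=None):
        self._now = now or time.time
        self._entries = {}                    # host -> (expiry, include_subdomains)
        for host, subs in (preload or {}).items():
            self._entries[host] = (float("inf"), subs)   # preloaded entries never expire

    def observe_response(self, url, headers):
        """Record an STS header from a response. Returns True if a policy was
        stored or cleared. A header seen over plain HTTP is ignored, which is
        exactly the gap sslstrip exploits on a user's first visit."""
        parts = urlsplit(url)
        if parts.scheme != "https" or not parts.hostname:
            return False
        value = next((v for k, v in headers.items()
                      if k.lower() == "strict-transport-security"), None)
        if value is None:
            return False                      # header absent (or stripped by an attacker)
        parsed = parse_sts(value)
        if parsed is None:
            return False
        max_age, include_subs = parsed
        if max_age == 0:
            self._entries.pop(parts.hostname, None)   # max-age=0 removes the policy
        else:
            self._entries[parts.hostname] = (self._now() + max_age, include_subs)
        return True

    def is_known(self, host):
        """True if host (or a parent with includeSubDomains) has a live policy."""
        if not host:
            return False
        now = self._now()
        labels = host.split(".")
        for i in range(len(labels)):
            entry = self._entries.get(".".join(labels[i:]))
            if entry is None:
                continue
            expiry, subs = entry
            if expiry < now:
                continue                      # policy expired
            if i == 0 or subs:
                return True
        return False

    def rewrite(self, url):
        """Upgrade an http:// URL to https:// before any request is sent,
        regardless of what the page's HTML or the user typed."""
        parts = urlsplit(url)
        if parts.scheme != "http" or not self.is_known(parts.hostname):
            return url
        netloc = parts.netloc
        if netloc.endswith(":80"):
            netloc = netloc[:-3]              # explicit port 80 becomes the https default
        return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))
```

In the first-visit scenario from the post, the user's browser never sees an HTTPS response at all, so `observe_response` returns False and `rewrite` keeps handing back http:// URLs; only a preloaded host (the `CONSTRUCTED_PRELOAD` entry here) is upgraded without any prior visit.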