[LINK] don't use webmail in public
kim at holburn.net
Fri Feb 1 20:49:33 EST 2008
It would seem to be a bad idea to use webmail in public internet
places like wifi hotspots etc. because your system and browser leak
> SSL Gmail Not As Safe As You Thought
> By Kim Zetter EmailJanuary 31, 2008 | 9:58:01 PMCategories: Hacks
> and Cracks
> Google_logoOne of the big stories at DefCon last year was a
> security researcher's demonstration of wirelessly sniffing users'
> session cookies while they accessed their e-mail accounts or
> conducted e-commerce transactions via wireless networks. The attack
> allowed a hacker access to the victim's Gmail or Hotmail account
> without needing to decipher the user's password.
> Now the security researcher who presented that info has found that
> even using SSL HTTPS to access your Gmail account -- which was
> touted at the time as a surefire way to protect Gmail users against
> such an attack -- is vulnerable to this hack.
> Robert Graham of Errata Security says he's been able to grab
> session cookies even when users access their account in a
> presumably secure manner. He describes the vulnerability
IT Network & Security Consultant
Ph: +39 06 855 4294 M: +39 3494957443
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
Democracy imposed from without is the severest form of tyranny.
-- Lloyd Biggle, Jr. Analog, Apr 1961
More information about the Link