What? How can u...
“SIDE-JACKING” or Session Hijacking is where someone takes control of your session and starts doing everything you can do, or worse, on your account without your knowledge. You have probably seen emails from your FB friends that are spam but your friend did not send them. This is one type of thing that can happen.
Put on Protection
- Avoid insecure sites on open Wifi
- Avoid Starbucks Coffee. Nothing is free
- Secure your Wifi Network at least with WPA2 + pre-shared key so you know who is connected at all times
- You are on your own most times. All the best.
SSL?
- Doesn't matter. Attackers can redirect your browser using SSLStrip
- Avoid insecure sites while on wifi.
- Sites like gmail by default are much better due to full-blown SSL all through.
- Logging out doesn’t make the session invalid. “Remember Me” check box?
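A site operator can check the two gaps this slide points at (session cookies that leave the SSL-protected part of the site, and a jump to SSL that is itself sent in clear text) from response headers alone. The sketch below is an added example, not part of the original slides; the hosts, cookie values and finding names are constructed, and treating a missing Strict-Transport-Security header as a finding is an assumption of this example, since the slides do not mention that header.

```python
def parse_set_cookie(value):
    """Return (cookie name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def audit_response(url, headers):
    """Return findings for one response; headers is a list of (name, value)."""
    https = url.lower().startswith("https://")
    hdrs = [(n.lower(), v) for n, v in headers]
    findings = []
    for name, value in hdrs:
        if name == "set-cookie":
            cookie, attrs = parse_set_cookie(value)
            if not https:
                # Cookie travels in clear text: anyone on the same open Wifi sees it.
                findings.append(f"cookie-over-http:{cookie}")
            elif "secure" not in attrs:
                # Set over SSL, but the browser also attaches it to http:// requests.
                findings.append(f"cookie-missing-secure:{cookie}")
        elif name == "location" and not https and value.lower().startswith("https://"):
            # The jump to SSL is itself sent in clear text, so it can be rewritten.
            findings.append("https-upgrade-over-http")
    if https and not any(n == "strict-transport-security" for n, _ in hdrs):
        # Assumption: HSTS is the expected signal that the site is SSL-only.
        findings.append("no-hsts")
    return findings

# Constructed sample responses (hypothetical hosts and cookie values).
SAMPLES = [
    ("http://shop.example/", [("Location", "https://shop.example/login")]),
    ("https://shop.example/login",
     [("Set-Cookie", "session=abc123; Path=/; HttpOnly")]),
    ("https://mail.example/",
     [("Set-Cookie", "sid=xyz789; Path=/; Secure; HttpOnly"),
      ("Strict-Transport-Security", "max-age=31536000")]),
]

def audit_all(samples):
    """Map each URL to its list of findings."""
    return {url: audit_response(url, headers) for url, headers in samples}

if __name__ == "__main__":
    for url, found in audit_all(SAMPLES).items():
        print(url, found or "ok")
```

Only the third sample, which sets its cookie with the Secure flag on an SSL-only site, comes back clean.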
Use only secure L/WAN
• At least WPA2 encryption (protects against each other)
• Avoid Starbucks Wifi
• Check your network operator's credentials
• ISPs?
• Try VPN
One-on-One yessss
• Generally traffic should be end-to-end
DON'T EAT SHIT
• IGNORANT Service providers
• EXCUSES: We are working on it, we Care, we are Scaling
GMAIL Full SSL JAN 2010
“We had to deploy no additional machines and no special Hardware.” - http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html
How BAD?
Email not up there (Hotmail)
FB, Twitter is your main communication network
Loads of sites do it wrong
It's really BAAAD
Check this out
FIRESHEEP
Eric Butler & Ian Gallagher
San Diego October 21010
FIRESHEEP
Firefox Extension
Mac OS X
Windows XP
Firefox 3 Not 4
http://codebutler.github.com/firesheep
Companies Must Act
They MUST PROTECT their Users and Websites. It's their Maternal Responsibility. They Don’t? DEMAND SSL EVERYWHERE
No Qs? Good the-CRAB @ilinkolniLinkoln 23/10/2010