Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Security

HTTPS Cookie Hijacking Not Just For Gmail 128

Posted by timothy from the cookie-monster-demands-satisfaction dept.
mikepery writes with a followup to last month's mention of a security vulnerability affecting Gmail accounts, which it seems understated the problem. "I figure the Slashdot readership is the best place to reach a large number of slacking admins and developers, so I want to announce that it's been 30 days since my DEFCON presentation on HTTPS cookie hijacking, and as such, it's now time to release the tool to a much wider group. Despite what was initially reported, neither the attack nor the tool are gmail-specific, and many other websites are vulnerable. So, if you maintain any sort of reasonable looking website secured by any SSL certificate (Sorry Rupert, you lose on both counts), even if it is just self-signed, you can contact me and I will provide you with a copy of the tool. Be sure to put 'CookieMonster' in the subject, without a space." (More below.)
The Internet

Netvibes May Give My Yahoo Run For Money 72

Posted by kdawson from the widgets-on-steroids dept.
Carl Bialik from WSJ writes "Wall Street Journal columnist Walter S. Mossberg reviews Netvibes, which allows users to create personalized pages with modules that gather headlines, email, weather and other data from all over the Web, and 'combines some of the best features of My Yahoo and [Apple's] Dashboard,' Mossberg writes. More from the article: 'Among the modules you can add to your Netvibes page right from this menu, without navigating to any setup page, are weather forecasts, a notepad, a to-do list and calendar, and modules that perform searches for Web pages, blogs, pictures, videos and podcasts. There are also email modules that will display your new messages from Gmail, Yahoo Mail, Hotmail, AOL Mail or any regular old email account you configure. Others display content from eBay, MySpace, Fox Sports and more.' In an accompanying video, Mossberg demonstrates Netvibes."

Slashdot Top Deals

Say "twenty-three-skiddoo" to logout.

Close