Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security

HTTPS Cookie Hijacking Not Just For Gmail 128

Posted by timothy from the cookie-monster-demands-satisfaction dept.
mikepery writes with a followup to last month's mention of a security vulnerability affecting Gmail accounts, which it seems understated the problem. "I figure the Slashdot readership is the best place to reach a large number of slacking admins and developers, so I want to announce that it's been 30 days since my DEFCON presentation on HTTPS cookie hijacking, and as such, it's now time to release the tool to a much wider group. Despite what was initially reported, neither the attack nor the tool are gmail-specific, and many other websites are vulnerable. So, if you maintain any sort of reasonable looking website secured by any SSL certificate (Sorry Rupert, you lose on both counts), even if it is just self-signed, you can contact me and I will provide you with a copy of the tool. Be sure to put 'CookieMonster' in the subject, without a space." (More below.)
Media

The Copyright Crusade a Lost Cause? 253

Posted by Zonk from the got-lost-in-his-own-museum dept.
A. Smith writes "Ars Technica is exploring the relationship between property rights and copyright, arguing that copyright holders are making a mistake by stressing similarities between property rights and copyright. They compare P2P users to 18th-century squatters in North America: 'Like squatters of old, many ordinary users find copyright law bewildering and are frustrated by the arbitrary restrictions it imposes. Customers wanting to rip their DVD collections to their computers, download music they can play on any device, or incorporate copyrighted works into original creative works find that there is no straightforward, legal way to do these things.' They conclude by offering that more reasonable, understandable copyright restrictions would result in a user base friendlier to publisher interests."

Feed Linux.com: Mozilla is pushing Thunderbird out of the nest (linux.com)

From feed by lcfeed
Mozilla Corp. CEO Mitchell Baker announced yesterday on her weblog that because of "the enormous energy and community focused on the Web, Firefox, and the ecosystem around it," the organization is seeking "a new, separate organizational setting" for the Thunderbird email client.

Slashdot Top Deals

He has not acquired a fortune; the fortune has acquired him. -- Bion

Close