tds - Slashdot User

Point-and-Click Gmail Hacking Shown at Black Hat 260

Posted by Zonk on Friday August 03, 2007 @10:12AM from the man-they-get-all-the-fun-demos dept.

not5150 writes "Using Gmail or most other webmail programs over an unsecured access point just got a bit more dangerous. At Black Hat Robert Graham, CEO of errata security, showed how to capture and clone session cookies very quickly over connections without encryption. He even hijacked a shocked attendee's Gmail account in the middle of his presentation. 'While Ou was typing, Graham was running Ferret and sniffing all the cookies that were being sent from Ou's laptop and Google. Graham then clicked on Ou's IP address and Gmail page, complete with Ou's recently sent message on the screen. We photographed both Graham's and Ou's laptop at that time and posted it to the picture gallery. You'll see that the contents are exactly the same.'"

Comment Not a smart move and here's why (Score 3, Interesting) 481

by tds on Wednesday April 02, 2003 @06:34PM (#5648147) Attached to: Mozilla's Major New Roadmap

Mozilla for all it failing is starting to get real recognition as a product in the market, it is being seen a real alternative to IE and now just as it starting to get traction it gets KIA.

I find it hard to believe that that a Phoenix based browser is going to reach a level of stability and adoption, any time soon.

(Someone has to say this)
This smack of developers looking at the technology and saying you know I could do better (yeah I'm guilt here as well). You know lets rebuild this and provide no migration path for existing applications and users. There must be a better way to do this with less risk and disruption.

Remember it's not always the product with the most technical merit that wins it the wins just look at IE.

Otherwise Microsoft is going to be very happy they will not have to worry about Mozilla any more.

Slashdot Top Deals