Secure your cookies

In light of the publicity created by Firesheep, HTTPS Everywhere has been updated to force websites to activate a secure flag in cookies used to authenticate their users.
I finally tested Firesheep. It is painfully easy to use for hijacking sessions. Here I start Firesheep on a Windows machine (via RDP) and I log into Facebook on a Ubuntu system. As seen in the screenshot, Firesheep quickly captures the cookie of that session and permits easy access to the active account.
at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

VMware Workstation Pro is now free for personal use!!!

VMware Workstation Pro is now free for personal use!!!  However, it was not straight forward to install on Ubuntu as I encountered error mes...

  • "An error occured in avast! engine: Invalid argument"
    This annoying message popped up after I ran the update in avast! in Ubuntu yesterday. avast! crashes every time I attempt to launch it after...
  • Encrypted mails
    I decided to install a digital certificate for my Gmail account. This is simple and free to set up. Apply for a free certificate from Comod...