Subject: General Tech | September 12, 2011 - 03:56 PM | Jeremy Hellstrom
Tagged: firesheep, security, fud, https
About a year ago you may have read about FireSheep, a FireFox add-on which takes advantage of the unencrypted nature of many packets being sent to social networks to allow others to access your accounts. It is specifically used on wireless connections, in what is called a man in the middle attack, as you surf using an unencrypted connection the laptop running Firesheep captures your data before it even hits your account. That extension is still around and causing havoc, making the news recently with the revelation that packets sent via Google have a unique session ID sent in plain text which can be used to identify a Google acount and then access the search history of the acccount. Check out The Register for more on this topic and consider HTTPS Everywhere for your laptop.
"Researchers have released a Firefox extension that demonstrates the risks of using Google search services on Wi-Fi hotspots and other unsecured networks: With just a few clicks, attackers can view large chunks of your intimate browsing history, including websites you've already visited."
Here is some more Tech News from around the web:
- Magellan RoadMate 9055-LM Review @ TechReviewSource
- TRENDnet SecurView TV-IP322P Outdoor PoE IP Camera Review @ Real World Labs
- Sega Renegade Ops Sneak Preview Event @ XSReviews
- Real World Labs And TteSports Joint Contest
- Legit Reviews and Gigabyte Contest