Web 2.D’oh!
“You’re an idiot if you use T-Mobile HotSpot.” That’s what Robert Graham, the CEO of Errata Security, had to say last Thursday about checking email from public wireless hotspots.
And he knows of what he speaks. Earlier in the day, Graham hijacked a Gmail session in front of a packed audience at the Black Hat security convention in Las Vegas. Using a pair of programs called Hamster and Ferret, which sniff the data transferred between a wireless router and a computer, Graham grabbed an unencrypted cookie used in a recent Black Hat Wi-Fi session and used it to hijack an attendee’s Gmail account. “I see 10 people’s cookies on my screen, I just need to click on the guy’s IP address and I’m in,” Graham said. “Once you get someone’s Google account, you’d be surprised at the stuff you’d find. … If I sniff your Gmail connection and get all your cookies and attach them to my Gmail, I now become you, I clone you. Web 2.0 is now fundamentally broken.”
Comments
If you leave your purse open somebody can look in it. If you leave you aganda open, somebody can look in it…
What does that say??? The world is not a ’save’ place, the internet is never ment as a save place.
If you want to store something save, then store it at home, not at a ‘public’ place. Use an external HD or something else. But don’t think that your web-HD, web-mail, web-else is save by any means.
The author says ‘Web 2.0 is now fundamentally broken’, however Web 2.0 was never (un)officially create as a save place in the first place.
anyways,
I would say… don’t store sensitive information on the web by any means, just have fun serving the web and use these nive services out there.
Ries van Twisk
Posted by Ries Twisk, van at August 3rd, 2007 at 8:52 pmhttp://www.rvantwisk.nl