A security researcher at the Defcon hacker conference in Las Vegas demonstrated a tool that allows attackers to break into your Inbox even if you are accessing your Gmail over an encrypted session.
If you use Gmail and haven’t yet taken advantage of a feature Google recently provided to prevent hackers from hijacking your inbox, now would be an excellent time to do that (click here, and read Tip #1).
A security researcher at the Defcon hacker conference in Las Vegas demonstrated a tool that allows attackers to break into your Inbox even if you are accessing your Gmail over an encrypted session (i.e. using https://.. which you might recognize as the “gold lock” icon).
Here is a video demonstration of how an attacker would use an automated tool to hijack your login. The music may strike you as offensive, and there’s no narrative, so feel free to mute the sound.
(Well.. once again WordPress is preventing me from embedding the video. To watch it, please click here, Surf Jacking Gmail demonstration.)
While it may seem like Gmail is being singled out here, you should realize that other websites are vulnerable to side-jacking and cookie stealing too.. notably Facebook (I mention it because it has so many users), but Gmail is one of the few sites that allow you to thwart this attack method.
So how do you prevent side-jacking? Here are some simple, but inconvenient, solutions you can use to protect your data.
* If possible, avoid using public or open wireless networks.
* If you need to use a public wireless network, do not access Web sites that require personal information.
* Always use the “logout” feature when finished with a Website that requires a login ID/password.
* For Gmail, click the link in my first paragraph and set the “Always use” option.
* When you need to provide sensitive data in forms, such as if you are doing online banking, open a new instance of your browser and complete your transaction; logout, and close that Browser. Do not open any other websites in that browser.
Folks, the Internet is broken.. and it is the hunting ground for criminals. Please.. let’s be careful out there (and by careful, I mean “paranoid”).
View more random threads:
- about installation of old system
- Hide Drives and Partitions
- Remove the Recycle Bin from the Desktop
- How to Use Telnet on a Windows Computer
- Customize Your Desktop
- Turning Off Balloon Tips
- Lesson # 49 The Insert Picture Shapes...
- R we able to share DVD?
- Easier way to force win in Solitaire
- R u not able to sleep bcoz of mosquitoes?