The Raw Feed
Where technology and culture collide

Monday, August 06, 2007

Passwords Pulled Out of Thin Air Via Wi-Fi

A speaker at DefCon demonstrated live how it's possible to choose any IP address visible on an wireless network, and intercept the cookies being exchanged. That enabled him to GRAB PASSWORDS. In the demo, he used utilities called Hamster and Ferret created by Errata Security to snatch a Gmail password, but says Yahoo passwords are snatchable as well. The solution? use SSL by typing https in front of the URL instead of http (as in https://gmail.com).

(props to RealTechNews)

6:58 AM * PERMALINK 1 comments

 Bookmark and Share

Comments:

Blogger kurt wismer said...

it's a shame the details of the hack have been distorted the way they have... it was cookies, not passwords, that were pulled out of thin air... the cookies allowed the attacker to access the victim's webmail account and even send email posing as the victim, but not change the account password as that would have required the existing inaccessible password...

Monday, August 06, 2007 9:48:00 AM  

Post a Comment

<< Home

 

Like The Raw Feed? Then you'll LOVE the FREE Mike's List newsletter!