I've read before that Google now supports SSL and maybe you are just like me who didnt give a damn about the SSL thing on Google. But if i just give some minutes of my time (instead of me watching porn... lol) the jadver attack on my email can be prevented.
"A tool that automatically steals IDs of non-encrypted sessions and breaks into Google Mail accounts has been presented at the Defcon hackers' conference in Las Vegas. Last week, Google introduced a new feature in Gmail that allows users to permanently switch on SSL and use it for every action involving Gmail, not just authentication. Users who did not turn it on now have a serious reason to do so, as Mike Perry, the reverse engineer from San Francisco who developed the hacking tool, is planning to release it in two weeks."HOW? Easy...
from: slashdot
1. Sign in to Gmail.
2. Click Settings at the top of any Gmail page.
3. Set 'Browser Connection' to 'Always use https.'
4. Click Save Changes.
5. Reload Gmail.
And if you are using Gmail Notifier like me you will need to download a patch.
click here for more details.
No comments:
Post a Comment