Report: "Sidejacking" session information over WiFi easy as pie - Jacqui Cheng, ars technica
Users may think that their personal data is safe when they use a secure login page online, but that's quite far from the truth. In fact, everything from the contents of your e-mail, who your friends and acquaintances are, and almost anything else you can think of could be easily exposed by hackers if browsed via WiFi network, security firm Errata Security pointed out in a recent paper presented at this year's Black Hat 2007 and seen by Ars Technica. The method by which this data could become exposed is nothing new, but it is simpler than most "man-in-the-middle" attacks, says Errata. Many web services, such as Gmail, BlogSpot, Facebook, MySpace, LinkedIn, and Google Adsense use cookies to identify session information after the user has already logged in. Using a basic packet sniffer over a WiFi network and a proxy server to pass the information through, a determined hacker can easily "sidejack" the session information as his own by stealing session IDs straight out of the WiFi signal. He could then use that session ID to represent himself as the original user, says Errata, which would allow him to do things like make blog posts, unfriend all of your Facebook friends (*gasp*), and read or send e-mails.
Read More..