[kwlug-disc] Firesheep: Open WiFi cookie stealing for the masses ...
unsolicited
unsolicited at swiz.ca
Wed Oct 27 17:58:46 EDT 2010
Khalid Baheyeldin wrote, On 10/27/2010 5:47 PM:
> On Wed, Oct 27, 2010 at 5:38 PM, Paul Nijjar <paul_nijjar at yahoo.ca> wrote:
>
>> On Wed, Oct 27, 2010 at 04:56:34PM -0400, Khalid Baheyeldin wrote:
>> http://www.computerworld.com/s/article/print/9193201/How_to_protect_against_Firesheep_attacks
>>> The root problem is sites using plain text HTTP, but there no solution
>> for
>>> it
>>> until each and every site out there implements SSL.
>>>
>>> This may never happen, or will take a long time.
>> I was going to write some reply about how having multple SSL sites on
>> a shared host is hard (which is why kwlug.org has plaintext logins). But
>> once again I have been proved ignorant:
>>
>> http://en.gentoo-wiki.com/wiki/Apache2/SSL_and_Name_Based_Virtual_Hosts
>>
>
> You are missing the point.
I don't think so.
Paul's point is "What is a responsible admin to do?" What is
appropriate, what is reasonable?
Which takes nothing away from what you're saying from a user perspective.
There need be no certificate expense, there are free certificates out
there. Can't recall my favourite off the top of my head, but I
remember reading articles where the biggest hurdle is just getting the
various browsers to include that they are trusted certificate
authorities / servers.
Not to say a 'prudent' admin doesn't also establish vpn capabilities
for their enterprise.
Isn't the root cause, here, really, and merely, never use open wi-fi?
More information about the kwlug-disc
mailing list