[liberationtech] Firesheep: Making the Complicated Trivial

Douglas Finley dafinley at gmail.com
Tue Oct 26 09:55:33 PDT 2010 

Would this http://pajhome.org.uk/crypt/md5/ help.
My initial assumption is not because you would have to have an md5
check<http://pajhome.org.uk/crypt/md5/>
on the server side...
But including permanent ssl, would showing the user the list of other IP
that are logged in (like Gmail)
and allowing them to login them out.  Or even a mode in applications that
only allows one logged in user
at a time...assuming firesheep only works once the victim has logged in
once.
They would still steal the cookies, but they couldn't login two the site
could they..or if they're on the same
wi-fi router would they appear as the same user?

On Mon, Oct 25, 2010 at 4:17 PM, Chris Palmer <chris at eff.org> wrote:

> On Oct 25, 2010, at 1:22 PM, Frank Corrigan wrote:
>
> > "Firesheep will scan local Wi-Fi networks. It will locate users who are
> > logged into Facebook, Twitter, Google, Amazon, Dropbox, Evernote,
> > Wordpress, Flickr, bit.ly and other services.
>
> Take a look at the "other services" that Firesheep can attack. A moment's
> reflection should disturb you even more deeply than you already were. :) EFF
> is going to be communicating with some of the more important sites.
>
>
> --
> Chris Palmer
> Technology Director, Electronic Frontier Foundation
>
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
>
> Should you need to change your subscription options, please go to:
>
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
> If you would like to receive a daily digest, click "yes" (once you click
> above) next to "would you like to receive list mail batched in a daily
> digest?"
>
> You will need the user name and password you receive from the list
> moderator in monthly reminders.
>
> Should you need immediate assistance, please contact the list moderator.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20101026/af7c902d/attachment.html>

More information about the liberationtech mailing list