funsec mailing list archives
Re: Firesheep protection?
From: silky <michaelslists () gmail com>
Date: Wed, 3 Nov 2010 08:03:37 +1100
On Wed, Nov 3, 2010 at 7:07 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah <rMslade () shaw ca> wrote:
Working towards some protection (not just against Firesheep, but the real problem), anyone have comparative advice on the useability/effectiveness of: HTTPS Everywhere https://addons.mozilla.org/en-US/firefox/addon/229918/ also at https://www.eff.org/https-everywhere Open Secure https://addons.mozilla.org/en-US/firefox/addon/11358/ also at http://opensecext.blogspot.com Force-TLS https://addons.mozilla.org/en-US/firefox/addon/12714/ also at http://forcetls.sidstamm.com/ or any other recommendations?
Shouldn't we include a token in the cookie and validate/re-write it upon each request? Anyone see a problem with this approach?
====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org Shadwell hated all Southeners and, by inference, was standing at the North Pole. - `Good Omens,' Neil Gaiman & Terry Pratchett victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
-- silky http://dnoondt.wordpress.com/ "Every morning when I wake up, I experience an exquisite joy — the joy of being this signature." _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Firesheep protection? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Nov 02)
- Re: Firesheep protection? der Mouse (Nov 02)
- Re: Firesheep protection? Joel Esler (Nov 02)
- Re: Firesheep protection? Robert Graham (Nov 02)
- Re: Firesheep protection? Jeffrey Walton (Nov 02)
- Re: Firesheep protection? Robert Graham (Nov 02)
- Re: Firesheep protection? Jeffrey Walton (Nov 02)
- Re: Firesheep protection? silky (Nov 02)
- Re: Firesheep protection? Rich Kulawiec (Nov 02)
- Re: Firesheep protection? der Mouse (Nov 02)