August 7th, 2007

Greasemonkey script blocks Gmail cookie-theft attacks

Posted by Ryan Naraine @ 5:28 am

By now you've probably read about Robert Graham's Black Hat presentation (.pdf) on hijacking Gmail accounts by wirelessly sniffing non-SSL session cookies.

The attack technique, called SideJacking, uses two homegrown tools, Ferret and Hamster, to sniff session cookies from plaintext HTTP connections carried over unsecured Wi-Fi networks.

Careless Google account users are vulnerable because Gmail, Google Calendar, YouTube and Blogspot all default to “http:” instead of “https:” (which is available) at login.

It’s a safe bet that Google will tweak this default but, in the meantime, there’s a new Greasemonkey script that offers another layer of protection to Firefox users.

Created by Mark Pilgrim, GMailSecure forces Gmail to use a secure connection for all logins by redirecting http://gmail.google.com/ to https://gmail.google.com/.

Here’s Pilgrim’s explanation of how GMailSecure works in the background to protect against things like SideJacking.
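The redirect described above, written out as an added illustrative Greasemonkey-style userscript. This is not Pilgrim's GMailSecure code; the second hostname (mail.google.com), the @namespace value and the helper names upgradeToHttps and forceHttps are assumptions made for the example. The URL logic is kept in a pure function so it can be checked outside a browser.

```javascript
// ==UserScript==
// @name        Force HTTPS for Gmail (illustrative, not Mark Pilgrim's GMailSecure)
// @namespace   example.invalid
// @include     http://gmail.google.com/*
// @include     http://mail.google.com/*
// ==/UserScript==

// Hostnames whose plain-http URLs get upgraded. gmail.google.com is the host the
// post names; mail.google.com is an assumption added for illustration.
const SECURE_HOSTS = ["gmail.google.com", "mail.google.com"];

// Returns the https:// form of `href` when it is an http:// URL on one of
// SECURE_HOSTS on the default port, keeping path, query and fragment intact.
// Returns null when nothing should change: already https, another host, a
// non-default port, or a string that is not a URL at all.
function upgradeToHttps(href) {
  let url;
  try {
    url = new URL(href);
  } catch (e) {
    return null;                                   // not parseable: never redirect blindly
  }
  if (url.protocol !== "http:") return null;
  if (!SECURE_HOSTS.includes(url.hostname)) return null;  // URL lowercases the hostname
  if (url.port !== "") return null;                // ":80" is normalised away; anything else is odd
  return "https://" + url.hostname + url.pathname + url.search + url.hash;
}

// Userscript entry point. Takes the window as a parameter so it can be exercised
// against a stand-in object outside a browser. location.replace() is used so the
// http:// page does not stay in history for the Back button to revisit.
function forceHttps(win) {
  const target = upgradeToHttps(win.location.href);
  if (target === null) return false;
  win.location.replace(target);
  return true;
}

// Only runs inside a real browser; in Node or a test harness `window` is undefined.
if (typeof window !== "undefined") {
  forceHttps(window);
}
```

One caveat a defender should keep in mind with any redirect-on-load script of this kind: a userscript runs after the browser has already issued the plain-http request, so the session cookie has gone over the air once before the redirect fires. It stops the session from continuing in the clear, but a cookie that lacks the Secure attribute is still exposed on that first request, which only the server side (https by default, Secure on the cookie) can fix.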

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal.


Talkback (3)

Title is a bit misleading and it's kind of a silly homage to Firefox. (georgeou, 08/07/07)

It's perfect (Ryan Naraine, ZDNet Moderator, 08/07/07)

CustomizeGoogle Firefox Addin Does the Same Thing (pfries@..., 08/08/07)
The CustomizeGoogle Firefox Addin can do the same thing for Gmail, Calendar, Docs, Reader and Google Web History - plus a lot of other stuff :>)...
