Gmail, MySpace, and Wi-Fi are all perverse

A speaker at the 2007 Defcon conference made the audience cold when he showed the WiFi network hack in a blink of an eye, then leisurely read all the emails inside the victim's inbox.

Mr. Robert Graham, Managing Director of Errata Security surprised the audience by taking control of Gmail in front of the camera.

After his presentation, he again performed the attack in front of the journalist, even "robbing" a reporter's Gmail account to send the email.

" This attack method works for every open Wi-Fi hotspot (ie, not encrypted), such as the hotspots you often encounter at airports, Starbucks and public access points ," Graham said. said.

He used a "sniff" tool called Ferret to copy unencrypted cookies transmitted over WiFi. Then he "pasted" these cookies into his Web browser with another tool called Hamster.

In addition to this option, an attacker can also use a myriad of other means to steal Website cookies and attack user accounts on MySpace, Facebook, Google .

Therefore, it is recommended that public Wi-Fi hotspots should apply encryption technologies such as Secure Shell (SSH) or Virtual Private Network (VPN) to prevent uninvited guests from coming.

Trong Cam