lucky13

With Robert Graham’s demonstration at Black Hat showing that gmail accounts can be easily cracked and hijacked by intercepting cookies, here’s an example of using Greasemonkey to force gmail to use https instead of http.
I have a couple more alternatives. One is to use gmail notifier for firefox. This add-on uses the secure server by [...]

The first ever Pwnies are in, and the OpenBSD team collected one for most spectacular “mishandling” of a critical security vulnerability. See the link for other Pwnies.