Gmail Security Tips

With Robert Graham’s demonstration at Black Hat showing that gmail accounts can be easily cracked and hijacked by intercepting cookies, here’s an example of using Greasemonkey to force gmail to use https instead of http.

I have a couple more alternatives. One is to use gmail notifier for firefox. This add-on uses the secure server by default and only uses standard http connection to gmail if the user selects to use insecure connections.

Another alternative is to set up pop and use an e-mail client for gmail. Gmail’s pop and smtp servers require you to set up using SSL/TLS.

About these ads

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Follow

Get every new post delivered to your Inbox.

%d bloggers like this: