Greasemonkey script blocks Gmail cookie-theft attacks

Summary: By now, you've probably read about Robert Graham's Black Hat presentation (.pdf) on hijacking Gmail accounts by wirelessly sniffing non-SSL session cookies.


The attack technique, called SideJacking, uses two homegrown tools -- Ferret and Hamster -- to sniff cookies from connections to unsecured Wi-Fi networks.

Careless Google account users are vulnerable because Gmail, Google Calendar, YouTube and Blogspot all default to "http:" instead of "https:" (which is available) at login.

It's a safe bet that Google will tweak this default but, in the meantime, there's a new Greasemonkey script that offers another layer of protection to Firefox users.

Created by Mark Pilgrim, GMailSecure forces Gmail to use a secure connection for all logins by redirecting http://gmail.google.com/ to https://gmail.google.com/.
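To make the mechanism concrete, here is an added example of the kind of redirect a Greasemonkey script performs. It is written for this article and is not Pilgrim's GMailSecure code. The host list is an assumption: the article names only gmail.google.com, and mail.google.com is included here on the assumption that the same upgrade applies to it. The rewrite itself is kept in a pure function so it can be checked outside a browser.

```javascript
// ==UserScript==
// @name        Gmail HTTPS redirect (illustrative, not GMailSecure)
// @namespace   example.local
// @include     http://gmail.google.com/*
// @include     http://mail.google.com/*
// ==/UserScript==

// Hosts on which a plain-http page load should be upgraded to https.
// The article mentions gmail.google.com; mail.google.com is an assumption.
const GMAIL_HOSTS = ["gmail.google.com", "mail.google.com"];

// Pure helper: return the https equivalent of `url` when it is an http URL
// for one of the Gmail hosts, otherwise null. Path, query string and fragment
// are preserved so the user lands on the same view after the redirect.
function secureUrl(url) {
  let parsed;
  try {
    parsed = new URL(url);
  } catch (e) {
    return null; // not an absolute URL; nothing to upgrade
  }
  if (parsed.protocol !== "http:") return null;      // already https (or other scheme)
  if (!GMAIL_HOSTS.includes(parsed.hostname)) return null; // not a Gmail host
  parsed.protocol = "https:";
  return parsed.href;
}

// Userscript entry point: only runs when a browser window is present.
if (typeof window !== "undefined" && window.location) {
  const target = secureUrl(window.location.href);
  if (target !== null) {
    // replace() rather than assign(): the http URL does not stay in history,
    // so "Back" will not drop the user onto the insecure page again.
    window.location.replace(target);
  }
}
```

One caveat worth keeping in mind: a client-side redirect can only run after the browser has already issued the first plain-http request, so any cookie the browser is willing to send over http travels in clear before the script fires. The redirect narrows the window in which a sniffer can capture session cookies, but it does not by itself replace marking those cookies Secure on the server side.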

Here's Pilgrim's explanation of how GMailSecure works in the background to protect against things like SideJacking.


About

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem...
