Skip to main content

Researchers extend Firesheep to exploit Google Search data leak

posted onSeptember 9, 2011
by l33tdawg

A pair of security researchers have created their own version of the notorious Firesheep plugin to expose a data leak in the world's favourite search engine.

The proof-of-concept plugin exploits the use of unencrypted cookies by Google's Web History feature.

Although you need to be logged in to make use of Web History it does not require an encrypted (HTTPS) connection. This flaw can allow attackers to find out what you've been searching for, who your social contacts are and who's in your Gmail address book. The new variant of Firesheep allows hackers to easily exploit the flaw if they are sharing the same WiFi hotspot as you.

Source

Tags

Google Security Software-Programming

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Simplenews subscription

Stay informed - subscribe to our newsletter.
The subscriber's email address.
Keeping Knowledge Free for Over a Decade

Copyright © 2018 Hack In The Box. All rights reserved.

36th Floor, Menara Maxis, Kuala Lumpur City Centre 50088 Kuala Lumpur Malaysia
Tel: +603-2615-7299 Fax: +603-2615-0088