funsec mailing list archives

Re: Firesheep protection?

From: Joel Esler <joel.esler () me com>
Date: Tue, 02 Nov 2010 17:28:43 -0400

On Nov 2, 2010, at 4:24 PM, der Mouse wrote:

Working towards some protection (not just against Firesheep, but the
real problem), anyone have comparative advice on the
useability/effectiveness of: [...]


I'm no expert on Web risks.  But, based what I've managed to find out
about Firesheep, it seems to me the real problem underlying it is a
human-layer problem and thus is not fixable by technology.  Have I
missed something, or are you talking about a different "real problem",
or what?


The problem, as I see it, is that these Web 2.0 companies didn't really do a good job of authentication in the first 
place.

j
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Firesheep protection? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Nov 02)
- Re: Firesheep protection? der Mouse (Nov 02)
  - Re: Firesheep protection? Joel Esler (Nov 02)
- Re: Firesheep protection? Robert Graham (Nov 02)
  - Re: Firesheep protection? Jeffrey Walton (Nov 02)
    - Re: Firesheep protection? Robert Graham (Nov 02)
- Re: Firesheep protection? silky (Nov 02)
- Re: Firesheep protection? Rich Kulawiec (Nov 02)