Thursday 5 April 2012

Sidejacking

Sidejacking (session hijacking) is a technique that lets one user literally steal the current Web session of another.

Your password has not been stolen, but another user, by "borrowing" your identity, can "be you" for that session (until you log out).


That means, for example, that you could be surfing your Facebook page when, suddenly, someone else is changing your status, posting messages on your friends' pages, and simply impersonating you right under your nose! The same goes for Twitter, other social media sites, and even web-based email.

With SSL (Secure Sockets Layer), all information sent between your browser and the site is encrypted, and you are safe from sidejacking. Gmail was the first major email provider to enable SSL on all users' sessions.
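For site owners, here is a way to check that SSL really covers the whole session. This is an added example, not part of the original post: a Python check that looks at a response's headers and reports cookies that could still travel unencrypted. The function names and sample headers are made up for illustration, and every cookie is assumed to be able to carry a session.

```python
# Added example: audit response headers for cookie settings that leave a
# session exposed to sidejacking. All sample values are constructed.

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, attributes with lowercase keys)."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    if not parts:
        return "", {}
    name, _, _value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs


def audit_response(scheme, headers):
    """Return findings for one response.

    scheme  -- "http" or "https": how the response was delivered
    headers -- list of (header-name, value) tuples
    """
    findings = []
    cookies = [v for k, v in headers if k.lower() == "set-cookie"]
    has_hsts = any(k.lower() == "strict-transport-security" for k, _ in headers)
    for raw in cookies:
        name, attrs = parse_set_cookie(raw)
        if scheme != "https":
            findings.append(f"{name}: set over plain HTTP, readable on the network")
        elif "secure" not in attrs:
            findings.append(f"{name}: missing Secure, browser will also send it over HTTP")
    # Browsers only honour HSTS when it arrives over HTTPS.
    if scheme == "https" and cookies and not has_hsts:
        findings.append("no Strict-Transport-Security header, HTTP requests are still possible")
    return findings


if __name__ == "__main__":
    # Constructed sample: a login response served over HTTPS without Secure or HSTS.
    sample = [("Content-Type", "text/html"), ("Set-Cookie", "sid=abc123; Path=/; HttpOnly")]
    for line in audit_response("https", sample):
        print(line)
```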

