Facebook, Yahoo!, Gmail or Hotmail account over a wireless connection just got a lot more dicey, as researchers here at the Black Hat hacker conference today demonstrated a new set of tools that help automate the hijacking of those accounts.
Demonstrating the tools before a standing-room only crowd, Errata Security Chief Executive Robert Graham scanned the Black Hat wireless network for anyone logging into their Gmail accounts. Applause erupted after Graham clicked on a link in the attack tool that allowed him to log in at the same time as the victim, displaying the contents of the poor guy's Gmail inbox on giant screens that flank the speaker's podium.
Nice article Humpty. I don't trust wireless connections even though they are encrypted. There's always a way around security.
Was the user logged in on the https setting? Everyone who has Gmail should just be sure to use https all the time.