| |
'SideJacking' is fucking retarded.
by Acidus at 4:05 pm EST, Feb 4, 2008 |
[sigh] ... This whole "SideJacking" meme is especially annoying and amusing to me. I've had people contact me (neither Robert or Dave, mainly reporters and non-web infosec guys) asking my opionion on this dangerous attack. These are the same people have also said to me in the past that XSS isn't interesting because its just cookie theft and thats not very sexy. ... SIDE JACKING IS COOKIE THEFT YOU JACKASS! [SMACK] Why the hell are we still talking about this? |
| |
RE: 'SideJacking' is fucking retarded.
by Adam Ely at 4:24 pm EST, Feb 4, 2008 |
OMG OMG THANK YOU! I have been saying this since the Blackhat presentation. I actually finally registered just to respond to this. |
|
| | |
RE: 'SideJacking' is fucking retarded.
by Acidus at 8:46 pm EST, Feb 4, 2008 |
Worthersee wrote:
Agreed. This headline from Ars Technica pissed me off today: Researcher: Google Mail vulnerable to sidejacking despite SSL False: It is vulnerable despite SSL.
True: It is vulnerable when not using SSL. Errata Security continues to be hype masters. Maybe they can win the most overhyped bug pwnie award again.
Rob, you and I apparently read the same RSS feeds. That story lead me to this post and the anger that followed. I'm continually amused by who reads Memestreams. |
|
| |
RE: 'SideJacking' is fucking retarded.
by mh at 6:14 pm EST, Feb 4, 2008 |
amen.. i first said this [http://www.sensepost.com/blog/1320.html] soon after getting back from blackhat, but then.. it at least gave me 5 minutes of fun... [http://www.sensepost.com/blog/1321.html] /mh |
|
|
|
