Firesheep demonstrates a security flaw that the computer security community has been concerned about for years — that any network eavesdropper can take over another user's session (say, a login to a webmail or social networking account) just by sniffing packets and copying the victim's cookie
Full story »
lozz
13 years 49 weeks 1 day 3 hours ago
HTTP, too insecure
I feel, that given the evidence of HTTP's innate security problems, that everyone in the Free Software Community should insist that HTTPS is enabled site-wide on every site where we have regular dealings.
Anything less, subjects us to an Internet Explorer level of total insecurity.