[funsec] Firesheep protection?

Joel Esler joel.esler at me.com
Tue Nov 2 16:28:43 CDT 2010


On Nov 2, 2010, at 4:24 PM, der Mouse wrote:

>> Working towards some protection (not just against Firesheep, but the
>> real problem), anyone have comparative advice on the
>> useability/effectiveness of: [...]
> 
> I'm no expert on Web risks.  But, based what I've managed to find out
> about Firesheep, it seems to me the real problem underlying it is a
> human-layer problem and thus is not fixable by technology.  Have I
> missed something, or are you talking about a different "real problem",
> or what?

The problem, as I see it, is that these Web 2.0 companies didn't really do a good job of authentication in the first place.

j


More information about the funsec mailing list