A Good Reason To Go Full-Time SSL For Gmail

@ 2008/08/19
A tool that automatically steals IDs of non-encrypted sessions and breaks into Google Mail accounts has been presented at the Defcon hackers' conference in Las Vegas. Last week, Google introduced a new feature in Gmail that allows users to permanently switch on SSL and use it for every action involving Gmail, not just authentication. Users who did not turn it on now have a serious reason to do so, as Mike Perry, the reverse engineer from San Francisco who developed the tool, is planning to release it in two weeks.

Comment from Kougar @ 2008/08/21
Patch does the same thing. Just a little text editing in a hex editor, needed to change the URL... Nice they have a patch though, didn't spot it.
Comment from wutske @ 2008/08/21
Quote:
Originally Posted by Kougar View Post
Here's a guide to hack Gmail Notifier to work with SSL Gmail. Without this Gmail Notifier does not work when the account is set to use SSL.

http://www.wikihow.com/Hack-Gmail-Notifier-to-Use-SSL
official patch: http://mail.google.com/support/bin/a...py?answer=9429
Comment from jmke @ 2008/08/21
use Google Talk Labs Edition, SSL notification working nicely
Comment from Kougar @ 2008/08/21
Here's a guide to hack Gmail Notifier to work with SSL Gmail. Without this Gmail Notifier does not work when the account is set to use SSL.

http://www.wikihow.com/Hack-Gmail-Notifier-to-Use-SSL
Comment from wutske @ 2008/08/20
aha, now I know why they introduced an option to prevent you from signing in using the http protocol .

 

 

Copyright © 2001-2011 Madshrimps, All rights reserved.
Graphic Design by Dennis Kestelle, Programming by Maarten Menten, Overall Site design by John Meys

All information and graphics contained in Madshrimps are sole property of the Madshrimps crew and may not be reproduced or copied in any manner without written permission from us.

Madshrimps