Interesting. I had heard of Firesheep, but just looked at the details. How would you write an app that resists this kind of attack? Does an app that uses .NET Membership Provider have this kind of vulnerability (encrypted login, but unencrypted cookies.) Cheers,
Dylan. ________________________________ From: ozdotnet-boun...@ozdotnet.com [mailto:ozdotnet-boun...@ozdotnet.com] On Behalf Of mike smith Sent: Friday, 4 March 2011 10:42 AM To: ozDotNet Subject: Re: [OT] Global Roaming data plans and WiFi hacking On Fri, Mar 4, 2011 at 11:36 AM, Dylan Tusler <dylan.tus...@sunshinecoast.qld.gov.au<mailto:dylan.tus...@sunshinecoast.qld.gov.au>> wrote: Got a colleague who is travelling to UK, Greece and Turkey, and she wants to be able to do some internet stuff (banking, email etc) via mobile handset while on the move. Better to look for a data plan? Or rely on WiFi? How would you do it? Also, we have a co-worker that recently had her identity snatched via open WiFi in a cafe. Ended up losing her email account, and having her bank account compromised, partly because of lax password practices. How can you harden up against these kinds of things? google Firesheep. That's what's often used to hack, and looking at that gives suggested preventions. Cheers, Dylan Tusler Acting Data, Development & Integration Manager ICTS Branch Sunshine Coast Council ph: +61 (0)7 5420 8002 <http://www.sunshinecoast.qld.gov.au/> <https://www.facebook.com/SunshineCoastCouncil> __ __ To find out more about the Sunshine Coast Council, visit your local office at Caloundra, Maroochydore, Nambour or Tewantin or visit us online at www.sunshinecoast.qld.gov.au.<http://www.sunshinecoast.qld.gov.au/> If correspondence includes personal information, please refer to Council's Privacy Policy<http://www.sunshinecoast.qld.gov.au/sitePage.cfm?code=disclaimer> This email and any attachments are confidential and only for the use of the addressee. If you have received this email in error you are requested to notify the sender by return email or contact council on 1300 00 7272 and are prohibited from forwarding, printing, copying or using it in anyway, in whole or part. Please note that some council staff utilise Blackberry devices, which results in information being transmitted overseas prior to delivery of any communication to the device. In sending an email to Council you are agreeing that the content of your email may be transmitted overseas. Any views expressed in this email are the author's, except where the email makes it clear otherwise. The unauthorised publication of an email and any attachments generated for the official functions of council is strictly prohibited. Please note that council is subject to the Right to Information Act 2009 (Qld) and Information Privacy Act 2009 (Qld). -- Meski "Going to Starbucks for coffee is like going to prison for sex. Sure, you'll get it, but it's going to be rough" - Adam Hills ------------------------------------------------------------- To find out more about the Sunshine Coast Regional Council, visit your local office at Caloundra, Maroochydore, Nambour or Tewantin or visit us online at www.sunshinecoast.qld.gov.au. If correspondence includes personal information, please refer to Council's Privacy Policy at http://www.sunshinecoast.qld.gov.au . This email and any attachments are confidential and only for the use of the addressee. If you have received this email in error you are requested to notify the sender by return email or contact council on 1300 00 7272 and are prohibited from forwarding, printing, copying or using it in anyway, in whole or part. Please note that some council staff utilise Blackberry devices, which results in information being transmitted overseas prior to delivery of any communication to the device. In sending an email to Council you are agreeing that the content of your email may be transmitted overseas. Any views expressed in this email are the author's, except where the email makes it clear otherwise. The unauthorised publication of an email and any attachments generated for the official functions of council is strictly prohibited. Please note that council is subject to the Right to Information Act 2009 (Qld) and Information Privacy Act 2009 (Qld).
