Robert Graham, the CEO of Errata Security, surprised attendees by hijacking a Gmail session on camera and reading the victim's email. He went even further by demonstrating the attack to us in person, taking over another journalist's Gmail account and then sending us sheep-loving emails.
Now you know why it's dangerous to check your web email at a public hotspot or over an open Wi-Fi connection. To avoid the problem, use an HTTPS session and only connect over secure Wi-Fi.
From the article:
The attack is actually quite simple. First Graham needs to be able to sniff data packets and in our case the open Wi-Fi network at the convention fulfilled that requirement. He then ran Ferret to copy all the cookies flying through the air. Finally, Graham cloned those cookies into his browser – in easy point-and-click fashion – with a home-grown tool called Hamster.
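
A defensive check for the weakness this demo relies on, added here as an example (it is not from the article or from Errata Security): it audits a server's response headers for session cookies that lack the `Secure` attribute and can therefore cross the network unencrypted. The cookie name `SID`, the function names and the sample headers are constructed assumptions.

```python
# Constructed sample responses (not captured traffic): the headers a webmail
# server might return after login, once weak and once hardened.
SAMPLE_WEAK = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "SID=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "prefs=lang-en; Path=/"),
]
SAMPLE_HARDENED = [
    ("Strict-Transport-Security", "max-age=31536000"),
    ("Set-Cookie", "SID=abc123; Path=/; Secure; HttpOnly"),
    ("Set-Cookie", "prefs=lang-en; Path=/"),
]


def parse_set_cookie(value):
    """Split a Set-Cookie value into (cookie name, set of lowercased attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].partition("=")[0].strip()
    attrs = {p.partition("=")[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def audit_headers(headers, session_names=("SID",)):
    """Return findings for headers that leave a session cookie exposed on plain HTTP.

    session_names is an assumption: the cookies that authenticate the user.
    """
    findings = []
    header_names = {k.lower() for k, _ in headers}
    # Without HSTS the browser may still issue plaintext requests to the site.
    if "strict-transport-security" not in header_names:
        findings.append("no Strict-Transport-Security header")
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        # A session cookie without Secure is attached to http:// requests too,
        # so anyone who can read the wireless traffic can read the cookie.
        if name in session_names and "secure" not in attrs:
            findings.append(f"{name}: missing Secure attribute")
    return findings


if __name__ == "__main__":
    for label, sample in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(label, audit_headers(sample))
```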