[Full-disclosure] Not that new: Hotmail & Yahoo are insecure via WLANs

This may not be anything new to many of you but since many people I
have mentioned it to did not know it pays to repeat: Yahoo & Hotmail
are not secure when accessed via WLANs. True, they use https when
logging in, but all subsequent page views are done via http. For
further details see:

http://www.interall.co.il/hotmail-yahoo-https.html

-Hank

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: https question on popular email providors
    ... An attacker cannot send mail from your account, ... in plain text on yahoo's servers, available to anyone at yahoo, ... I am evaluating to what extent of implementation https ... The symmetric encryption under that session key ...
    (comp.security.misc)
  • Re: Wireless Network Connectivity
    ... does the Yahoo webmail site begin with https or http? ... network (incl. ... train station, and then use say Yahoo to do emails, when I type the ... Barb Bowman wrote: ...
    (microsoft.public.windows.mediacenter)
  • Re: IPAQ Internet
    ... login - at least this is the case with Yahoo. ... HTTPS and Socks proxy even if it doesn't display ... into any of these three web based mail accounts ...
    (microsoft.public.pocketpc)
  • Re: firefox issue
    ... i guess that your yahoo and hotmail setting use https, ... Do You Yahoo!? ... Mail has the best spam protection around ...
    (Fedora)
  • Re: force https
    ... That requires port 80 be open at the firewall to work. ... It can use http or https. ... >> Do You Yahoo!? ... Mail has the best spam protection ...
    (Security-Basics)