Hacker News new | ask | show | jobs
by acqq 5711 days ago
Even before FireSheep, that was known for anybody who cared to try it. The test (enter FB address with https, try to get the next page) doesn't need FireSheep at all to be demonstrated. And FireSheep doesn't do anything new except packaging the existing technology to make it extremely easy for everybody to experiment. But until FireSheep, if I'd tried to explain the problem to anybody, the best I'd get would be "meh." The worst: "you paranoid." Nice to see the change in the attitude.
1 comments
calloc 5711 days ago
This. I was trying to explain to my co-workers that this issue has existed for as long as the web has existed and they didn't really understand what I was talking about.

Not until they saw a demonstration video did they believe that it was as bad as I was telling them it was. It is hilarious as a security guy watching "new" exploits come out and watching them go into serious mode since this is a new exploit and it is a bad one and it is going to cause doom and whatnot.

If you can't trust the connection you are on, then time to not use said connection or VPN somewhere. Plenty of places to find hosted VPN services.

link
pinko 5711 days ago
> Plenty of places to find hosted VPN services

Care to recommend one? I've had a few unsatisfactory experiences (terrible bandwidth, unreliable servers, etc.) and would love a good recommendation.

link
quinndupont 5711 days ago
I've had good success with BlackVPN. Here's my review (with referral code to get us all free time!): http://www.iqdupont.com/blog/2010/4/19/blackvpn-review.html
link
modoc 5711 days ago
Have you tried these guys: https://www.goldenfrog.com/vyprvpn/vpn-service-provider
link
Anelly 5704 days ago
ibVPN is as good as vyprvpn but is cheaper and has more servers http://www.ibvpn.com/ + it provides free accounts weekly
link
acqq 5711 days ago
> find hosted VPN services

So have you solved your problems if you use third party VPN to do the encryption between you and the third party and the mentioned third party also conveniently has your whole data stream unencrypted, no matter from where you connect?

link
calloc 5710 days ago
If I get a VPN somewhere I would make sure I trust that endpoint to some degree. Just like I won't be caught surfing on public wifi I don't mind surfing from my home connection as I trust that there is a bit more protection than on a public wifi.
link