Aug 21 2007
Robert Graham is the CEO of Errata Security and a well-known security blogger, writing, appropriately, at the Errata Security blog. We took a few minutes at Defcon to talk about the Wall of Sheep, as well as a vulnerability in Gmail and all of the major Web-based email systems. While such systems use HTTPS to establish a secure connection for the initial user name and password transaction, they do not continue to use HTTPS for the entire session. Because of this, anyone who intercepts the traffic between your system and the provider's servers can capture your cookies and impersonate you until the cookie expires. Robert explained this vulnerability during his talk at Black Hat.
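An added example, not taken from the interview or from Robert's talk: a Python check a site operator could run over the `Set-Cookie` headers of a login response. It lists cookies that lack the `Secure` attribute, which a browser will therefore also send over plain HTTP once the session leaves HTTPS, and reports how long each one stays usable. The header values, the `mail.example` domain and the helper names are constructed for illustration.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Constructed sample: Set-Cookie headers as a webmail login might return them over HTTPS.
SAMPLE_SET_COOKIE = [
    "SID=abc123; Path=/; Domain=.mail.example; Expires=Tue, 04 Sep 2007 12:00:00 GMT",
    "LSID=def456; Path=/accounts; Secure; HttpOnly",
    "PREF=lang=en; Path=/; Max-Age=3600",
]
# Constructed "current time" so the result is reproducible.
SAMPLE_NOW = datetime(2007, 8, 21, 12, 0, 0, tzinfo=timezone.utc)

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, attributes with lowercase keys)."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, value = part.partition("=")
            attrs[key.strip().lower()] = value.strip()
    return name, attrs

def exposure_seconds(attrs, now):
    """Seconds until the cookie expires; None for a session cookie with no expiry."""
    if "max-age" in attrs:  # Max-Age takes precedence over Expires (RFC 6265)
        return max(0, int(attrs["max-age"]))
    if "expires" in attrs:
        expires = parsedate_to_datetime(attrs["expires"])
        return max(0, int((expires - now).total_seconds()))
    return None

def audit(headers, now):
    """Return (name, seconds_valid) for every cookie set without the Secure attribute."""
    findings = []
    for header in headers:
        name, attrs = parse_set_cookie(header)
        if "secure" not in attrs:
            findings.append((name, exposure_seconds(attrs, now)))
    return findings

if __name__ == "__main__":
    for name, seconds in audit(SAMPLE_SET_COOKIE, SAMPLE_NOW):
        lifetime = "browser session" if seconds is None else f"{seconds} s"
        print(f"{name}: sent over plain HTTP too, valid for {lifetime}")
```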