That headline sure got you to read this article, didn’t it? OK, well here’s the deal:
Gmail recently released a feature that allows you to enable SSL for the entirety of the time you are checking your mail. SSL encrypts your traffic, which makes it more difficult for an unauthorized party to snoop on what you are doing online.
Tech blog Slashdot just published a story about a hacking tool that can hijack non-encrypted session IDs. What that means is that this new piece of software is able to steal the token your computer uses to identify itself to Gmail in order to retrieve your mail, enabling someone else to access your account. The author of this tool plans to make it public in 2 weeks.
By enabling SSL in Gmail, you add an extra layer of security that makes it more difficult for hackers hijack your e-mail account. Follow these instructions to enable SSL:
- Log into Gmail.
- Click “Settings” in the top left corner of the window.
- On the “General” tab, scroll all the way to the button and check off the radio button next to “Always use https”.
- Click the “Save Changes” button.
You can find more information about this setting in the Gmail Help Center article on enabling the HTTPS setting, as well as in this Gmail blog post.
I have read that this hacking tool is also able to target other web-based e-mail providers such as Hotmail, however I am unaware of similar SSL settings offered by these companies. If you have any information, please leave a comment below.
Link via Robert Scoble on FriendFeed.
