protection of session hijacking
Sunday, January 26, 2014 by benmanns | Discussion: Mobile Tech
I read up on some nastys and i wonder what i can do to protect my data
Im not talking about Facebook, twitter, amazon and co hijacking only, im also worried about my personal information such as logins, contacts and all the above.
The easiest way would be to stay of mobile data transfer and wifi but thats not a real option.
So can someone experienced give me some advice would appreciate it.
Reply #2 Monday, January 27, 2014 9:24 AM
On https websites you should be fine, those connections are encrypted.
If you connect to a home network, make sure the network uses encryption (you'll have to enter the encryption key to access the network).
Reply #4 Monday, January 27, 2014 2:05 PM
ok sounds good so far but how can i be safe in open networks or Wi-Fi spots?
I’m aware that there is the chance to hijack the session even if it is using https:
I’ve found a website of a tool but I’m not going to post it checked some videos about it and its pretty scary what the tool is capable doing.
He also offers a shield for it also...But I’m unsure if i should trust it/ the site seems legit but i would like to understand what’s going on first.
I’m not very experienced in smartphones don´t use my phone for transactions or similar but i use it to check WC or my email.
@Moshi - the thing is once im logged in / the tool will be able to simply hijack the session and save the cookie and has basically full control.
That’s the main reason I’m worried however as soon as the session is closed he no longer has access.
But the idea of 2step authentication is a good start ... thanks.
Edit : All this writing and Moshi mentioned VPN sometimes i should read a bit more carefully.
I will test it with VPN and give feedback but im sure a VPN will do the trick. 
ty moshi
Reply #5 Monday, January 27, 2014 3:29 PM
Do not read your emails on an open network if you're that paranoid about evesdroppers. Wait till you get home and use a LAN cable.
If you have no choice and you have to use an open connection, then use certificates to encrypt the emails that you send to others (and let them encrypt their emails to you). I've never done that, so I'm afraid I cannot help you any further with this.
As far as I know, a VPN is only used to communicate between 2 computers. As soon as you're fetching information from the outside, there's no encryption. But you can use a VPN to set up a connection to your computer at home and check your Emails from there.
Reply #6 Monday, January 27, 2014 3:47 PM
1. VPN
2. http://www.ghacks.net/2014/01/14/whos-wifi-notifies-freeloaders/
3. Encrypt all data on your computer and in any cloud account.
Reply #7 Tuesday, January 28, 2014 2:31 PM
Doc since i know that you have knowledge about the subject i will send you the site i found per PM...
Note im not interested in the attacker much more in the shield that is offered- (the shield is also available via google play)
I guess the VPN is the best way to prevent such things.
Please login to comment and/or vote for this skin.
Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:
- Richer content, access to many features that are disabled for guests like commenting on the forums and downloading skins.
- Access to a great community, with a massive database of many, many areas of interest.
- Access to contests & subscription offers like exclusive emails.
- It's simple, and FREE!
Reply #1 Monday, January 27, 2014 8:19 AM
Anyone?
I thought you guys would be up to date on a topic like this, since most of you own a smartphone or a mobile phone.