When you watch movies these days—especially ones that involve computer security—you really need to take them with a grain of salt. Only in Hollywood can you crack a 1119781325-bit encryption algorithm, by hand of course, within seconds of the bomb detonating. Here’s a personal favorite: creating and uploading a computer virus into an alien operating system using only a few keystrokes. The sensationalism is sometimes so out there that disengaging your brain for a couple of hours is usually a good idea.

Seriously though, the real world and the movie world do agree on some threats. One of them is the topic of this chapter: session hijacking. This chapter first covers the fundamentals of session hijacking. It then explores ...