O'Reilly logo

Securing PHP Apps by Ben Edmunds

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

© Ben Edmunds 2016

Ben Edmunds, Securing PHP Apps, 10.1007/978-1-4842-2120-4_2

2. HTTPS/SSL/BCA/JWH/SHA and Other Random Letters; Some of Them Actually Matter

Ben Edmunds

(1)Brooklyn, New York, USA

Once again, it’s time for a little story. In October 2010, Eric Butler released a Firefox extension named Firesheep to highlight a huge problem on the Web that most people hadn’t been paying enough attention to. Firesheep allowed any regular ol’ user to watch the nonencrypted traffic on their local network and then hijack other users’ sessions. Firesheep exploits a type of man-in-the-middle attack called sidejacking. Sound scary? It should, because it is. Maybe you’re thinking, well this is conjecture. Alright fine, facts in. Let’s walk through an illustration ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required