Side Jacking - Getting around SSL encrypted passwords

Side jacking is a technique used to gain access to SSL encrypted web pages such as secure email.  Many people think that because they are using SSL browser encryption, they are totally secure. When a hacker uses side jacking, he takes advantage of people who save their login passwords in cookies so they don't have to log in to their secure site every time. By recording the wireless WiFi radio signals, the hacker can record those cookies. Once he has those cookies he has access to your secure email or other web site. While he doesn't have your password, he still has access to your secure accounts and can log in and do what he wants. The hacker can read your mail, check out what you bought on line and even see your bank and credit card information.

All it takes is for the web site you are logging into to have a fallback, non-SSL mode. This is a common occurrence on many "secure" web sites.  It only takes a moment for the hacker to grab the cookie and then use it to log himself into your account.

Unless you are using a secure personal VPN at your wireless hotspot, you are at risk even if you think all is safe and secure.