Gathering session cookies with Firesheep
Posted Nov 4, 2010 10:28 UTC (Thu) by gerv
In reply to: Gathering session cookies with Firesheep
Parent article: Gathering session cookies with Firesheep
The situation where self-signed-https causes scary warnings, whereas no-encryption-http does NOT. I don't know what the browser-makers are smoking, but the practical result is that if I make my site MORE secure, the users get hassled with warnings about me being UNSECURE. This is totally batshit crazy.
Not at all crazy. http://www.gerv.net/security/self-signed-certs/ .
to post comments)