A security researcher has been in discussions with Google on an exploit he plans to release that would allow a hacker to easily intercept someone’s communications with supposedly secure Web sites over an unsecured Wi-Fi network, but other sites, like Facebook, Yahoo Mail, and Hotmail, remain vulnerable.

There are actually two problems with SSL implementations. The first issue is that many sites do not use SSL past the log-in page, and thus expose their users’ cookies to theft via sniffing by someone else on the network.

Nothing was done to fix the SSL problems until a month ago when Google announced that people can set Gmail to automatically encrypt communications between a browser and Gmail servers by default, instead of having to type in https://mail.google.com, Perry says.

Read More