Reverted 1 pending edit by 66.87.103.104 to revision 696898986 by Dat GuyWiki: rv unexplained unlinking; term not linked elsewhere in the article.
Line 252:
===Network eavesdropping===
[[File:Cookie-sniffing.svg|thumb|A cookie can be stolen by another computer that is allowed to read from the network]]
Traffic on a network can be intercepted and read by computers on the network other than the sender and receiver (particularly over [[plaintext|unencrypted]] open [[Wi-Fi]]). This traffic includes cookies sent on ordinary unencrypted [[HTTP]] sessions. Where network traffic is not encrypted, attackers can therefore read the communications of other users on the network, including HTTP cookies as well as the entire contents of the conversations, for the purpose of a [[man-in-the-middle attack]].
An attacker could use intercepted cookies to impersonate a user and perform a malicious task, such as transferring money out of the victim’s bank account.
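The following audit sketch is an added example, not part of the article. It takes the Set-Cookie headers a site issued and reports which cookies a browser would attach to a given request without encryption, and so which ones an eavesdropper on the network could read. The host name and cookie values are constructed, Domain and Path matching is ignored (the request is assumed to go to the host that set the cookies), and the only rule modelled is the standard <code>Secure</code> cookie attribute, which restricts a cookie to HTTPS requests.

```python
from urllib.parse import urlsplit

# Constructed sample: Set-Cookie header values as a site might send them.
SAMPLE_SET_COOKIE = [
    "session_id=3f9a1c; Path=/; HttpOnly",
    "auth=9b2e77; Path=/; Secure; HttpOnly",
    "theme=dark; Path=/; Max-Age=3600",
]


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attributes)."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        # Attribute names are case-insensitive; flags such as Secure have no value.
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def sent_in_cleartext(header, request_url):
    """True if the cookie would travel unencrypted on a request to request_url."""
    _, _, attrs = parse_set_cookie(header)
    is_plain_http = urlsplit(request_url).scheme.lower() == "http"
    # Without Secure, the browser attaches the cookie to http:// requests too.
    return is_plain_http and "secure" not in attrs


def exposed_cookies(headers, request_url):
    """Names of cookies readable by anyone who can observe the request."""
    return [parse_set_cookie(h)[0] for h in headers
            if sent_in_cleartext(h, request_url)]


if __name__ == "__main__":
    for url in ("http://bank.example/transfer", "https://bank.example/transfer"):
        print(url, "->", exposed_cookies(SAMPLE_SET_COOKIE, url))
```

A session identifier that shows up in the first list is exactly the kind of cookie the paragraph above describes: once read from the network, it is enough to impersonate the user.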