Hacker News new | past | comments | ask | show | jobs | submit login

Is there a real risk that someone (besides the government) can see your cookie?

Yes, if you login and your cookie is sniffed and spoofed then basically you just allowed the attacker to login as you at the same time.

Minimizing it is a little bit different: you can use a secure proxy/tunnel, you can limit your unencrypted wireless activity, you can make sure that sites that should be SSL encrypted are (stripping SSL is common when password sniffing) and you can avoid these services while on open wifi networks.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact