Hacker News new | past | comments | ask | show | jobs | submit login

This is a stupid question, but what about a guy like me who has no access to a server?

I'm going traveling for all of next month, the only sites I'll be checking where I'll be logged in is my hotmail account, and I might check my bank account (Chase) - both use https, so I suppose I'm in the clear then? (also when I click "log out" on these sites, it logs me out, but if my session has been hijacked, will it log the hijacker out of the session he's hijacked of mine as well?)

A cheap linux VPS is a couple bucks a month. Mine is three. If you aren't looking for a deal, there are many many options at the 5 dollar price point. If five bucks is worth peace of mind for the next month, then that's your answer. This will also have the benefit of getting around filters that are operating on WiFi network you are on.

Wow, three? I thought prgmr.com's $5 system was the best deal I'd be able to find.

It was a special deal featured on http://www.lowendbox.com/. If you can pay by the year, there are even cheaper deals.

BuyVM.net has some good-for-my-purpose VPSes for cheap, so long as you can get them "in stock" (whatever that means...). Lowest one is a 15 bucks a year(!)

An Amazon EC2 micro instance is free for a year.

So I could go get a free VPS for a year through Amazon with this?

Generally websites will delete the login token on their side, leaving hijackers with an invalid token and a 'log in again' page.

Generally, watch out for older sites or sites made by people that haven't learnt much in this area which may store some kind of account id in place of a key generated on each login. In that case just because the website invalidated/deleted your cookie the hijacked cookie would still be good.

I would consider paying for VPN access. I travel a bit and use Witopia for this. It's not very expensive and is quite convenient.

Would the free Amazon EC2 deal for a year be good for this?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact