Two security researchers have coded a modded version of the Firesheep packet sniffer that exploits the use of unencrypted cookies by Google’s Web History feature.
As Sophos security analyst Mark Stockley notes, although a user needs to be logged in to access his or her web history, the platform does not require an encrypted (HTTPS) connection.
As such, the flaw could allow attackers to review who you’ve been searching for, who your social contacts are and who’s in your Gmail address book – if they are sharing the same WiFi hotspot as you.
Fortunately, the latest exploit does not allow attackers to take over Google Accounts, but obviously, it can be used to expose private data.
“While the direct access to users’ data is subject to a strict security policy, using personalized services (which may leak this same personal information) is not,” wrote Vincent Toubiana and Vincent Verdot, the creators of the modded Firesheep.
To be sure, the compromised cookies are deployed across more than 20 websites including Google Search, Google Maps, YouTube and Blogger.
Luckily, Toubiana and Verdot have already alerted Google, whose engineers are already working on a fix. However, Stockley recommends exercising caution.
“Although it is possible to protect yourself when searching by using Google’s HTTPS search many of the webpages where the cookie can be exposed don’t offer HTTPS as an option… [So] if you don’t use Web Search History or you’ve never heard of it you may want to visit your search history page and disable it,” he added.
