Session Hijacking - History

History

Session hijacking was not possible with early versions of HTTP.

HTTP protocol versions 0.8 and 0.9 lacked cookies and other features necessary for session hijacking. Version 0.9beta of Mosaic Netscape, released on October 13, 1994, supported cookies.

Early versions of HTTP 1.0 did have some security weaknesses relating to session hijacking, but they were difficult to exploit due to the vagaries of most early HTTP 1.0 servers and browsers. As HTTP 1.0 has been designated as a fallback for HTTP 1.1 since the early 2000s -- and as HTTP 1.0 servers are all essentially HTTP 1.1 servers the session hijacking problem has evolved into a nearly permanent security risk.

The introduction of supercookies and other features with the modernized HTTP 1.1 has allowed for the hijacking problem to become an ongoing security problem. Webserver and browser state machine standardization has contributed to this ongoing security problem.

Read more about this topic:  Session Hijacking

Famous quotes containing the word history:

    You that would judge me do not judge alone
    This book or that, come to this hallowed place
    Where my friends’ portraits hang and look thereon;
    Ireland’s history in their lineaments trace;
    Think where man’s glory most begins and ends
    And say my glory was I had such friends.
    William Butler Yeats (1865–1939)

    Three million of such stones would be needed before the work was done. Three million stones of an average weight of 5,000 pounds, every stone cut precisely to fit into its destined place in the great pyramid. From the quarries they pulled the stones across the desert to the banks of the Nile. Never in the history of the world had so great a task been performed. Their faith gave them strength, and their joy gave them song.
    William Faulkner (1897–1962)

    The foregoing generations beheld God and nature face to face; we, through their eyes. Why should not we also enjoy an original relation to the universe? Why should not we have a poetry and philosophy of insight and not of tradition, and a religion by revelation to us, and not the history of theirs?
    Ralph Waldo Emerson (1803–1882)