Tuesday, September 9, 2008

Gmail Security Settings

A (potentially major) security issue was demonstrated several months ago at DefCon, but not being a security professional I've only just heard about it. This issue is a vulnerability in many websites which utilize cookies to maintain active logins, such as Gmail and I would guess Facebook and MySpace as well... The hacker can pick your cookies out of the air (when you're using wireless) and "slide" into your logged-in account to do their damage. Of course they won't learn your password (though once logged in they can obviously change it!), but the potential damage is nonetheless limitless...
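As an added illustration (not part of the original post): a login cookie can only be read off the air when the browser sends it over plain HTTP, which it does for any cookie set without the `Secure` attribute. The Python below lists which cookies would travel unencrypted for a given request; the headers and cookie names are constructed, and it assumes every cookie belongs to the requested site and path.

```python
from urllib.parse import urlsplit

# Constructed sample Set-Cookie header values; the cookie names are hypothetical.
SAMPLE_HEADERS = [
    "SESSION_ID=abc123; Path=/; HttpOnly",
    "AUTH=xyz; Path=/; Secure; HttpOnly",
    "lang=en; Path=/",
]


def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attributes)."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue
        key, _, val = part.partition("=")
        # Attribute names are case-insensitive; flags such as Secure have no value.
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def cookies_sent_in_clear(set_cookie_headers, request_url):
    """Return names of cookies a browser would attach to request_url unencrypted.

    Assumption: domain and path matching are ignored; all cookies are treated
    as belonging to the requested site.
    """
    if urlsplit(request_url).scheme.lower() != "http":
        return []  # over https the Cookie header travels inside TLS
    exposed = []
    for header in set_cookie_headers:
        name, _, attrs = parse_set_cookie(header)
        if "secure" not in attrs:  # Secure cookies are withheld from http:// requests
            exposed.append(name)
    return exposed


if __name__ == "__main__":
    for url in ("http://mail.example.test/inbox", "https://mail.example.test/inbox"):
        print(url, "->", cookies_sent_in_clear(SAMPLE_HEADERS, url))
```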

Why hasn't Google dealt with this yet? Maybe because they're too busy worrying about the antitrust suit shaping up against them... Is Google really too big already? No! (But the deal with Yahoo would afford them 80% of web advertising...)
My solution is like Biden's partition solution: spin off a smaller company (or companies) which focuses only on one type of advertising (e.g., fastclick-style) to keep the competition up in the advertising arena. I'd really hate to see Google get busted up over something so stupid as the Yahoo buyout, which in my (optimistic) opinion was more about shutting down Yahoo than gaining a bigger market share...
