on 11-02-201005:25 AM - last edited on 11-15-201012:20 PM by DougVZ
The flaw that is addressed in http://www.grc.com/sn/sn-272.htm which is Security Now! with Steve Gibson, Episode 272, recorded October 27, 2010: Firesheep puts a lot of pressure on you to deploy full SSL.
For example by Full SSL, I don't just mean to log-in with. I mean,
#1 The site must allow users to browse & post while using SSL.
#2 For sending and receiving e-mail (it could be by web based e-mail or SMTP/POP OR even an IMAP client on their computer) using SSL.
#3 The site must allow users to browse, pay online while using SSL.