Yesterday on German TV, a smartphone session hijacking app has been introduced (provided by cydia). “Stern TV” showed us on how a smartphone session can be hijacked easily when being logged in a public WLAN. With this app, it seems to be possible to spy out other smartphones, IPhones and Notebooks within the same WLAN (Spy-App / Spionage-App). So a personal Facebook account can be taken over by a stranger.
On the programers hompage I can read: was developed as a tool for testing the security of your accounts and is based on my Bachelor thesis with title “Session Hijacking on Android Devices”.
Ok, this is fine. But why is it so easy to create such a smartphone hijack app 
It seems as there exists also a smartphone session hijacking defense app – DroidSheepGuard – but does it really protect? Is it save?
Why does no “https everywhere” exist?
Use HTTPS wherever it is possible! It seems as following services do not provide HTTPS per default, so be careful when using them in a public WLAN:
- Youtube
- Amazon
- VKontakte
- Tumblr
- MySpace
- Tuenti
- MeinVZ/StudiVZ
- blogger
- Nasza-Klasa
On topic HTTPS, Google seems to be pretty good 