Will Firesheep, Eric Butler’s Firefox extension, wake people up to the dangers of connecting to an un-secured wi-fi network? Unlikely - I think it’s just going to make it easier for the kid next door to jack your Facebook account.
Firesheep, makes it really easy for the little monsters out there to see that you’re on an un-secured network, grab your logins, and jack your online identity. Your Facebook relationship status will change from married to single, and you’ll Tweet the Tweet that will end your career, before you even realize the kid has the keys to the car.
Firesheep takes advantage of unsecured wireless networks and unencrypted cookies to “sidejack”, or gain access to sites by way of accessing these cookies. Developed byEric Butler, a freelance web application and software developer in Seattle, Washington, Firesheep was created and released at Toorcon 12 to demonstrate the security risk inherent in storing unencrypted login data in cookies. As Butler writes on his blog, “On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.”
Firesheep opens a sidebar in Firefox (screen shot) that shows everyone who is connected to a certain unsecured WiFi network. With a single click, you can connect to most any social network using that person’s user name and password.
I see the point Eric’s trying to make, but I’m not sure I agree with his methods. I’m hoping – if the point really is to educate people to the dangers of connecting to an un-secured wi-fi network, that Firesheep alerts the unsuspecting user before too much damage is done. If it doesn’t now – perhaps Eric will add this little feature in a future update. Little monsters, beware – Eric might just turn the tables on you.
No related posts.