Wi-Fi Firesheep Hacking Tool Threat to Public Wi-Fi

Mozilla Firefox Icon
Image via Wikipedia

Firesheep is a Firefox add-on that it possible for anyone to hack into open Wi-Fi networks, such as those commonly found in public networks. Written by Eric Butler, it allows you to intercept cookies by Amazon, bit.ly, Facebook, Twitter, CNET, Cisco, Dropbox, Google and numerous others. The technique is known as ‘HTTP session hijacking’ (or ‘sidejacking‘). The programmer also says its easy for any competent programmer to write their own plugins to add to the sites that can be hacked.

The captured cookies contain the login details of the unsuspecting user of the public network and will also display their photo and name in the browser sidebar. By double-clicking on the user you can then login to the site in question, just as if you were the actual user. The potential for anyone to exploit this for nefarious ends is frightening, and should make everyone think twice about using public (open) networks at all.

Butler has said that the only effective way to combat the vulnerability his Firefox web browser add-on Firesheep takes advantage of is for the sites to use full end-to-end encryption, known as HTTPS or SSL but many sites default to the HTTP protocol because it’s quicker.

Although you can download the add-on from eleewhere I am not including any links here to it as I don’t want to encourage such activity.

Enhanced by Zemanta
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s