Freelance software developer Eric Butler has released Firesheep, a plug-in to the Firefox Web browser that lets anyone capture cookies from an open WiFi network and possibly steal their owners’ identities. Firesheep is free and open source program available for the Mac OS X and Windows platforms. Butler is working on a Linux version. Butler wrote that he released Firesheep to draw attention to the longstanding poor state of website security. Encrypting logins, as many websites do, is not enough, because once the site sets a session cookie, it reverts to regular, unencrypted HTTP.
If you are a plug-in fanatic and gives almost every plug-in a shot, then you must refrain from this one especially if you tend to use wi-fi network features.
This is a perfect example of why we've created www.getCocoon.com. It uses SSL to encrypt your connection protecting you from getting hijacked like this. Plus, it's a proxy and just plugs into Firefox, couldn't be easier. I'm working with them and the product is currently in beta and free. Let us know what you think! Thanks, DavidKris
Loading ...
Firesheep Exposes the Soft Underbelly of Website Security
Posted by: Richard Adhikari October 26, 2010 11:17 AMFreelance software developer Eric Butler has released Firesheep, a plug-in to the Firefox Web browser that lets anyone capture cookies from an open WiFi network and possibly steal their owners’ identities. Firesheep is free and open source program available for the Mac OS X and Windows platforms. Butler is working on a Linux version. Butler wrote that he released Firesheep to draw attention to the longstanding poor state of website security. Encrypting logins, as many websites do, is not enough, because once the site sets a session cookie, it reverts to regular, unencrypted HTTP.