New Firefox add-on "Firesheep" - hijacks Facebook, Twitter sessions
Oct 30, 2010
Cybersecurity / Network Security
A new Firefox add-on called "Firesheep," developed by Seattle-based freelance Web application developer Eric Butler, enables almost anyone to scan a Wi-Fi network and hijack others' access to popular services like Facebook, Twitter, and others. Butler unveiled Firesheep at the ToorCon security conference in San Diego, which occurred from October 22-24. Butler explained that he developed Firesheep to highlight the risks associated with accessing unencrypted websites via public Wi-Fi spots. While many sites secure user log-ins with HTTPS or SSL, they often do not encrypt the rest of the traffic. "This leaves the cookie, and the user, vulnerable," Butler stated in a blog post. "On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy." Once a hacker obtains a user's cookie, they can perform any action that the user can on the website. Firesheep can hijack sessions on several major sites, includ