It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
A new Firefox feature called “Firesheep” can be used to easily hack into a person’s computer over a public Wi-Fi network and gain access to several popular sites, including Facebook, Twitter, and Amazon.
An add-on to the Mozilla Firefox browser, Firesheep allows someone to view the networking session identification and authentication codes – cookies – being sent from the public Wi-Fi network to each computer logged on to it. Access to that information affords the hacker the same unimpeded privileges as the computer's rightful user.
“Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure Web. My hope is that Firesheep will help the users win.”
Just to add so that you don't go causing mass panic;
This won't work on your SECURE WIFI at home, or if you use a normal Home Router connected to your ADSL. In other words, most home users of the internet have nothing to fear of this, unless you just plugged everything in right out of the box and did nothing else.
It only works on a LAN - or a Local Area Network - where you and others using same Network (Not the same ISP) share one access point. The average home internet user who is not using Unsecure WIFI or is using a Wired ADSL setup connected to your phone line, will not be able to either use this tool, or have it used on you.
It would work extremely well at a WIFI hotspot. So in that you would want to be very wary of what you connect to if out in Public.
(You know how people around here are, you give them something and they make a mountain out of it.. you have to spell it out for them!!)
Originally posted by LadySkadi
Oops - I missed the original thread. Thanks for bringing that up. And just to clear up any misconceptions, I wasn't intending to "feed any fears" it was simply a question about what the add-on could actually do vs what it claims it can do, hence the posting in the science and tech forum.edit on 26-10-2010 by LadySkadi because: (no reason given)
Originally posted by Blackmarketeer
This wont work with most people's laptops, the network card can't enter into "promiscuous" mode (a requirement for this add-on). TBH the FF add-on isn't doing anything hackers on a wifi network can't already do, this just brings it to the masses.
A FF add-on called "Force-TLS" will prevent anyone from tracking your web activity over an open wifi network.
Originally posted by tothetenthpower
I'm not surprised.
Although it really doesn't work all that well, anybody with a decent security software package can easily block this program from phishing for information.
~Keeper
Originally posted by toreishi
i don't know but i'm having a hard time absorbing my observation that everybody seems to be trying to feed everyone else's fears. there's already a so-called fix for firesheep.
HTTPS encrypts user data, so if a script like Firesheep’s like tries to pull it, it can’t be read. Force-TLS forces a number of sites to make all of their requests over an SSL secured channel and while some sites, like Amazon, don’t currently have the secure option, the majors like Facebook, Twitter, Google, etc all allow a HTTPS connection.