Skip to main content

Firesheep exposes gaping Wi-Fi security holes

best-firefox-add-onsIn case you weren’t already weary of Internet security plagues, here’s a new one for you. Firesheep, a downloadable extension for Firefox, can now make it more than possible for someone to take over your Wi-Fi session. It makes it really easy.

Once installed, a person can hijack your Wi-Fi session, including the ability to access Twitter, Facebook, WordPress, and Amazon accounts, among others.

Who’s responsible for this? Software developer Eric Butler says he created the app in order to show the masses how easy it is for their accounts to be highjacked over a Wi-Fi connection.  And if you were already aware of this, he is simply confirming it for you.

On his blog, Butler explains the simplicity of Firesheep. “It’s extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable.” Butler has made the add-on openly available and very simple to download and use – so anyone with a Wi-Fi connection and a strong sense of curiosity can easily try it out.

Wi-Fi security isn’t a new issue. Concern about accessing secure information over a public connection has been loudly voiced, but the effortlessness and availability of Firesheep makes it easy to use by anyone, even those with little to no technical knowledge.

Butler insists his motives are pure, that website security needs to acknowledge these holes and fix them before more people like him won’t exploit them.

Editors' Recommendations