TweakTown
Tech content trusted by users in North America and around the world
6,068 Reviews & Articles | 38,989 News Posts

Firesheep extension shows just how vulnerable open wifi networks are

Using an open wifi network? You might want to read this!

| Hacking & Security News | Posted: Oct 26, 2010 6:57 am

Firesheep is something that has been popping up around the place for a few days - I thought I'd share it here for the uninformed, or at least, if you didn't know - pass the news on to someone you know who uses unsecure Wi-Fi.

 

TweakTown image news/1/7/17285_142.jpg

 

The above picture shows what it would look like - allowing you to login as another person on the open wifi network.

 

A Seattle based programmer, Eric Butler has released an extension for Firefox which shows you a graphical list of the online accounts of everyone sharing an open wifi network with you - with a simple single click, you're instantly logged in as them.

 

This vulnerability is NOT new - it is a problem that has existed for years now, but is being bought into the public eye now. A quick explanation of how it works: Most major websites transmit keys to your account - your login HTTP "cookies" - without any encryption at all. This problem doesn't really register when you're on a secure wifi network - for example when WPA is enabled, but of course, nothing is 100% safe.

 

Sites that are vulnerable are: Amazon, Dropbox, Facebook, Flickr, Foursquare, Google, nytimes.com, Tumblr, Twitter, WordPress, Yahoo and Yelp.

 

Butler released the program, supposedly to encourage these types of sites to increase their security... he goes on to say "Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web."

 

NEWS SOURCES:Gizmodo.com.au

Related Tags

Further Reading: Read and find more Hacking & Security news at our Hacking & Security news index page.

Do you get our news RSS feed? Get It!

Got an opinion on this news? Post a comment below!

Latest Tech News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases