Technology content trusted in North America and globally since 1999
8,254 Reviews & Articles | 62,624 News Posts

Firesheep extension shows just how vulnerable open wifi networks are

Using an open wifi network? You might want to read this!
By: Anthony Garreffa | Hacking & Security News | Posted: Oct 26, 2010 6:57 am

Firesheep is something that has been popping up around the place for a few days - I thought I'd share it here for the uninformed, or at least, if you didn't know - pass the news on to someone you know who uses unsecure Wi-Fi.




The above picture shows what it would look like - allowing you to login as another person on the open wifi network.


A Seattle based programmer, Eric Butler has released an extension for Firefox which shows you a graphical list of the online accounts of everyone sharing an open wifi network with you - with a simple single click, you're instantly logged in as them.


This vulnerability is NOT new - it is a problem that has existed for years now, but is being bought into the public eye now. A quick explanation of how it works: Most major websites transmit keys to your account - your login HTTP "cookies" - without any encryption at all. This problem doesn't really register when you're on a secure wifi network - for example when WPA is enabled, but of course, nothing is 100% safe.


Sites that are vulnerable are: Amazon, Dropbox, Facebook, Flickr, Foursquare, Google,, Tumblr, Twitter, WordPress, Yahoo and Yelp.


Butler released the program, supposedly to encourage these types of sites to increase their security... he goes on to say "Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web."



Related Tags

Got an opinion on this news? Post a comment below!