Why do we care about this? Because it's a legit attack over open WiFi that will allow a user to essentially hack your logins/passwords and gain access to your "private accounts" (i.e. Facebook, Email, etc.)
|All your HTTP logins belongs to me|
Onto the heart of the subject, Firesheep.
Firesheep was released on Monday, November 1st, and has already been downloaded something like 500,000 times. Firesheep is an addon to Firefox. The addon allows you to "sniff" the open wireless network you are on (at starbucks, safeway, the airport, whatever). Firesheep sniffs for, put simply, logon cookies. Other users on the same open Wifi as you, that login to say, Facebook...well you steal that "logon cookie" (I'm simplifying, run with me here...). You then use that logon cookie and gain access to whatever private site that user was logged into (i.e. Facebook). Pretty cool eh?
|Screenshot of Firesheep - Stealin Facebook Logins|
You may recall me mentioning how that wonderful open wifi at the airport was not-so-good after all in an earlier post about VyprVPN. Well, here's your proof. Seriously folks, be careful. I didn't mention the longer methods, that of course, are still valid...but now that Firesheep is out in the wild, it's gotten a lot easier. I'll be posting again with some screenshots of Firesheep in action around town. I'll also incorporate a how-to-beat Firesheep in the very near future. Hint: VPN