Firesheep In Wolves’ Clothing: Extension Lets You Hack Into Twitter, Facebook Accounts Easily

Source: Tech Crunch

It seems like every time Facebook amends its privacy policy, the web is up in arms. The truth is, Facebook’s well publicized privacy fight is nothing compared to the vulnerability of all unsecured HTTP sites — that includes Facebook, Twitter and many of the web’s most popular destinations.

Developer Eric Butler has exposed the soft underbelly of the web with his new Firefox extension, Firesheep, which will let you essentially eavesdrop on any open Wi-Fi network and capture users’ cookies.

As Butler explains in his post, “As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed” in the window. All you have to do is double click on their name and open sesame, you will be able to log into that user’s site with their credentials.

Read more: http://techcrunch.com/2010/10/24/firesheep-in-wolves-clothing-app-lets-you-hack-into-twitter-facebook-accounts-easily/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+Techcrunch+%28TechCrunch%29

His FaceySpace, Twattler, and email accounts were hacked and threats against his family were made.

Only this article on how to protect yourself:

http://techcrunch.com/2010/10/25/firesheep

:hi:

If you care about your "private information", don't put it on the web, don't talk about it on the web, etc.

"Facebook Privacy" is an oxymoron, that's not what Facebook is about.

"Force-TLS allows web sites to tell Firefox that they should be served via HTTPS in the future; this helps secure you from accidentally negotiating an insecure session with certain sites."

https://addons.mozilla.org/en-US/firefox/addon/12714/

roduct's been released. Even worse than Microstiff.

eom

t the most of us out here like me.

As their wifi is set up with layer 2 isolation, so each connection is a separate virtual network, and can't see the traffic of other connections.

That makes it available to every jerk out there. I suppose this will have an unintended effect of increasing everyone's awareness of internet security - for a while anyway.