Firesheep, A new Firefox plugin created by Eirc Butler that enables users to hack into the likes of Facebook and Twitter accounts when used on a public WiFi network. The plugin has already been downloaded over 110,000 times. The plugin takes advantage of the fact that cookies from these websites are sent over the network in plain text and not encrypted. By simply grabbing the cookie it enables the hacker to login to the account of the unsuspecting user.
This plugin enables the average Joe with no hacking skills or capabilities to gain access to your social network account.
There are a number of ways to circumvent such an attack, for corporate users through VPN’s or SSH tunneling but for the every day user HTTPS Everywhere is an option.
By enabling the average user to simply download and install this exploit it may force Facebook & Twitter to enhance the security of their platforms.
Instructions on how to install the plugin if your using Windows:
Simply go to the following address:
http://github.com/codebutler/firesheep
- Click on downloads
- Download the firesheep-0.1-1.xpi file
- Go to tools and Add-ons in Firefox
- Drag the firesheep-0.1-1.xp file into the box.
- Couldn’t be easier!
