Connect with us


Firesheep Opens Eyes to Insecure Browsing



Firesheep is a new dirty word in many eyes around the Internet. Firesheep is a Firefox extension that allows a snooper to relatively easy get into anyone’s browsing sessions on a public WiFi hotspot. Think of your favorite coffee shop. Dwight Silverman has a nice write up on this here. The story he recounts is a bit hair-raising, so go read it. Here’s a quote about how Firesheep works:

Firesheep finds connections being made to popular websites through the standard, non-secure http protocol. It can “sidejack” that session, allowing you instantly to be browsing someone else’s Facebook or Twitter account. If you’re using the encrypted, secure https connection a site, you’re safe. The problem is, too many sites don’t offer https connections, or they aren’t consistently available throughout the site, leaving users vulnerable.

Obviously this comes with the now overused “browse safely” warning. But it raises a real question of ethics when it comes to its release. The developer sees himself as a good guy pointing out holes that already exist. Others don’t quite see it that way. I’m one of those.



  1. Josh Einstein

    10/29/2010 at 4:50 pm

    It could be a good thing. It took Chinese hackers to force Google into using full SSL encryption across the whole apps stack. Microsoft still hasn’t done this. SSL is not particularly difficult to set up and *everything* supports it. In the past it was said that SSL added a substantial burden on the server due to CPU required to encrypt the traffic but I suspect that’s not much of an issue anymore. I could be wrong.

    But aside from just compromising security, bare HTTP compromises privacy. If this forces more sites to use full session SSL I’d be happy.

  2. Anonymous

    10/30/2010 at 6:01 am

    this seems like a joke to me. how can it be SO EASY to hack into facebook and twitter user accounts. this is really a big privacy issue as far as i am concerned and i do not trust facebook at all anymore. new social networking websites such as mycube and diaspora are being developed and we should move on to them as soon as they open. these guys are offering complete privacy and i think it makes sense to switch

Leave a Reply

Your email address will not be published. Required fields are marked *

This article may contain affiliate links. Click here for more details.