Firesheep panic

There seems to be a general panic and a blogstorm in the user community after the publishing of Firesheep, a simple to use Firefox extension, that you can install in minutes and that can be used to “sidejack” accounts by sniffing for cookies on popular websites like Google, Facebook etc. on open WiFi.

Whats the big fuzz? Everyone has worked hard for many years to ignore the warning message you get when connecting to open WiFI network …”Your are connected to an open network and your information may be visible to others..” or similar. The new thing is probably that Toorcon now has shown that even my grandmother can hijack someones account – the threat cannot be ignored anymore. So, if you absolutely need to be on an open uncontrolled WiFi get your SSL or VPN solution working. I guess WPA/WEP gives you some protection if you can rely on that only “the good guys” have the key ;-).

The discussion whether Firesheep is illegal is of course ridiculous – I think by openly publishing the software to anyone, Toorcon does us  a great service exposing threats that where always there. However, I think that there could be people out there prepared to do nasty stuff with this tool…

Some Swedish blogs on how to protect your sessions on open WiFi

About Jens Zander

Professor Jens Zander is professor in Radio Communication Systems at the Royal Institute of Technology, Stockholm, Sweden. He has been among the few in Swedens Ny Teknik magazine's annual list of influential people in ICT that have been given the epithet “Mobile Guru”. He is one of the leading researchers in mobile communication and is the Scientific director of the industry/academia collaboration center Wireless@KTH. His research group focuses on three main areas – the efficient and scalable use of the radio frequency spectrum, economic aspects of mobile systems and application and energy efficiency in future wireless infrastructures.
This entry was posted in Security. Bookmark the permalink.