FFreelance software developer Eric Butler has released Firesheep, a plug-in to the Firefox Web browser that lets anyone capture cookies from an open WiFi network and possibly steal their owners' identities.
Firesheep is free and open source program available for the Mac OS X and Windows platforms. Butler is working on a Linux version.
Butler wrote that he released Firesheep to draw attention to the longstanding poor state of website security.
Encrypting logins, as many websites do, is not enough, because once the site sets a session cookie, it reverts to regular, unencrypted HTTP for the rest of the session, exposing the user to interception.
Firesheep Exposes the Soft Underbelly of Website Security
No comments:
Post a Comment