Developer Eric Butler has exposed the soft underbelly of the web with his new Firefox extension, Firesheep, which will let you essentially eavesdrop on any open Wi-Fi network and capture users? cookies.
As Butler explains in his post, ?As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed? in the window. All you have to do is double click on their name and open sesame, you will be able to log into that user?s site with their credentials.
Within an hour of Butler?s post appearing on Hacker News, Firesheep was downloaded more than 1,000 times and evidence of usage has already popped up on Twitter in fantastic fashion.
According to Butler?s post, he created this seemingly diabolical tool to expose the severe lack of security on the web. We spend so much time quibbling over the minutia in privacy policies, we lose sight of the forest, or in this case, gaping security holes.
?Websites have a responsibility to protect the people who depend on their services. They?ve been ignoring this responsibility for too long, and it?s time for everyone to demand a more secure web. My hope is that Firesheep will help the users win,? Butler says.
These are the sites it looks for:
* Amazon.com
* Basecamp
* Bit.ly
* Cisco
* CNET
* Dropbox
* Enom
* Evernote
* Flickr
* Foursquare
* GitHub
* Gowalla
* Hacker News
* Harvest
* Windows Live
* NY Times
* Pivotal Tracker
* ToorCon: SD
* Slicehost: Slice Manager
* Tumblr
* Wordpress
* Yahoo
* Yelp
Unsure on whether posting the link to the download would get me banned or not so will not post here just incase.
