Tuesday, October 26, 2010

Re: Firesheep

Thanks, Bill

I know from a good source that it works as described. I'm very glad our
wireless network is secured and encrypted, so it won't work on campus.


Jim Heynderickx

On Mon, Oct 25, 2010 at 8:04 PM, Bill Fitzgerald <dwfitzgerald@yahoo.com>wrote:

> Hello, all,
>
> Just wanted to give you a heads up about an app called "Firesheep" -
> http://codebutler.com/firesheep
>
> From the description:
>
> "After installing the extension you'll see a new sidebar. Connect to any
> busy
> open wifi network and click the big "Start Capturing" button. Then wait.
> As
> soon as anyone on the network visits an insecure website known to
> Firesheep,
> their name and photo will be displayed. Double-click on someone, and
> you're
> instantly logged in as them."
>
> So, a person can install a Firefox extension, and start taking over other
> people's Facebook/etc accounts. There are some limitations to where it
> will
> work (it works best over unsecured wireless) but it definitely lowers the
> bar
> for non-technical people to start stealing other peoples accounts.
>
> So, for those of you running school networks, it might be worth checking
> this
> out to see what is visible over your wireless.
>
> This Firefox extension has been recommended as a means of mitigating the
> effects: https://addons.mozilla.org/en-US/firefox/addon/12714/
>
> Cheers,
>
> Bill
>
>
>
>
> [ For info on ISED-L see https://www.gds.org/podium/default.aspx?t=128874]
> Submissions to ISED-L are released under a creative commons, attribution,
> non-commercial, share-alike license.
> RSS Feed, http://listserv.syr.edu/scripts/wa.exe?RSS&L=ISED-L
>

[ For info on ISED-L see https://www.gds.org/podium/default.aspx?t=128874 ]
Submissions to ISED-L are released under a creative commons, attribution, non-commercial, share-alike license.
RSS Feed, http://listserv.syr.edu/scripts/wa.exe?RSS&L=ISED-L