Netcraft - Firesheep brings session hijacking to the masses

[The_Unbeliever]

http://news.netcraft.com/archives/2010/10/25/firesheep-brings-session-hijacking-to-the-masses.html

A years-old vulnerability has been brought into the limelight by an open source FireFox extension which makes it extremely easy to hijack sessions belonging to other Web users on shared networks.

Eric Butler's Firesheep tool makes it remarkably simple for novices to hijack sessions on several social networking sites. Firesheep monitors network traffic and detects when someone visits a website which transmits unencrypted session cookies. The victim's name and photo is displayed by the tool, and double-clicking on that person instantly logs you in as them.

:wtf:

The sites in question better switch over to HTTPS quick-quick.

 

[Park@82]

interesting.