Firesheep Firefox extension: sidejacking made easy makes a point


Once you know how Firesheep can hack your Facebook account, your coffee shop wi-fi experience will never be the same. Image: CC mccheeck/Flickr

Firesheep is a Firefox extension that captures user names and passwords of anyone using the same open wireless network. Firesheep’s developer released the extension to demonstrate how exposed people are on open networks when they log into social network sites that employ cookies for user authentication. The good news is that certain Firefox extensions are available that protect personal information from “sidejacking” tools such as Firesheep.

Firesheep makes hacking social networks easy

Firesheep allows anyone to walk into a coffee shop and start prying into personal lives. Firesheep works because when users submit a user name and password to log in, the server replies with a cookie the browser uses for user authentication going forward. According to Eric Butler, who developed Firesheep, on the open wireless network in that coffee shop, cookies are being shouted through the air. Websites commonly protect user names and passwords by encrypting the login. However, in the interests of expediency, the cookie isn’t protected. On an open wireless network, sidejacking, or HTTP session hijacking, is like shooting fish in a barrel.

How to use Firesheep

Firesheep is free, open source and available for Mac OS X and Windows. Install Firesheep, and a new sidebar appears in Firefox. Go to the coffee shop and connect to its open wireless network. Simply click the “Start Capturing” button. Anyone using the network who is logged into Facebook, or any other insecure website recognized by Firesheep, will show up. The sidebar will display their name and photo. Double-click on the photo and Firesheep instantly logs into their private account. From there, Firesheep sidejackers can do anything they want.

How to block Firesheep

Firesheep can be foiled. According to TechCrunch, Firesheep works because most social sites, after encrypting login information, default to the HTTP protocol. The Firefox extension “Force-TLS” forces those sites to use the HTTPS protocol, which makes user cookies undetectable with Firesheep. The Force-TLS Firefox extension allows users to change HTTP to HTTPS on sites selected in the Firefox Add-on “Preferences” menu. HTTPS encrypts all user data so Firesheep can’t read it. Major sites such as Facebook, Twitter and Google allow HTTPS connections. Amazon currently doesn’t.
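The two mechanisms the article describes, an authentication cookie that rides on plain HTTP after an encrypted login and a client-side rewrite of HTTP to HTTPS for chosen sites, can be modelled in a few lines. The script below is an added example written for this page; it is not Firesheep's or Force-TLS's code. Every Set-Cookie header, URL and host name in it is a constructed sample, the `Secure` and `HttpOnly` attributes are the standard cookie attributes a site would set to stop its session cookie from ever travelling in cleartext, and `force_tls` is a hypothetical stand-in for what a Force-TLS style extension does to a request URL.

```python
"""Model of why a sidejacked session cookie works and what stops it.

Added example for this article; not Firesheep's or Force-TLS's code.
All Set-Cookie headers, URLs and host names below are constructed samples.
"""
from urllib.parse import urlsplit, urlunsplit

# Constructed sample Set-Cookie headers (not captured from any real site).
# The first is the kind of cookie an open-network listener can reuse; the
# second is only ever sent by the browser over HTTPS.
WEAK_SET_COOKIE = "session_id=abc123; Path=/; HttpOnly"
HARDENED_SET_COOKIE = "session_id=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"

# Hosts the user has pinned to HTTPS in a Force-TLS style extension (constructed).
FORCED_TLS_HOSTS = {"social.example"}


def parse_set_cookie(header):
    """Split 'name=value; Attr; Attr=val' into (name, value, attrs).

    Attribute names are lowercased; valueless attributes such as Secure and
    HttpOnly map to True.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if val else True
    return name.strip(), value.strip(), attrs


def sidejacking_findings(header):
    """Cookie weaknesses that let a passive listener on an open network reuse it."""
    _, _, attrs = parse_set_cookie(header)
    findings = []
    if attrs.get("secure") is not True:
        findings.append("missing Secure: browser sends this cookie on plain http:// requests")
    if attrs.get("httponly") is not True:
        findings.append("missing HttpOnly: page scripts can read the cookie")
    return findings


def force_tls(url, pinned_hosts=FORCED_TLS_HOSTS):
    """Rewrite http:// to https:// for pinned hosts, as Force-TLS does in the browser."""
    parts = urlsplit(url)
    if parts.scheme == "http" and parts.hostname in pinned_hosts:
        return urlunsplit(("https",) + tuple(parts[1:]))
    return url


def cookie_on_the_wire(header, url):
    """True if the cookie travels in cleartext for a request to `url`.

    Only the Secure attribute and the URL scheme are modelled; Domain and
    Path matching are left out for brevity.
    """
    _, _, attrs = parse_set_cookie(header)
    if urlsplit(url).scheme == "https":
        return False                           # encrypted: nothing to eavesdrop on
    return attrs.get("secure") is not True     # plain http: exposed unless marked Secure


def exposure_matrix(url):
    """Compare the four cases the article discusses for one request URL."""
    return {
        "weak cookie, no Force-TLS": cookie_on_the_wire(WEAK_SET_COOKIE, url),
        "weak cookie, Force-TLS": cookie_on_the_wire(WEAK_SET_COOKIE, force_tls(url)),
        "Secure cookie, no Force-TLS": cookie_on_the_wire(HARDENED_SET_COOKIE, url),
        "Secure cookie, Force-TLS": cookie_on_the_wire(HARDENED_SET_COOKIE, force_tls(url)),
    }


if __name__ == "__main__":
    for finding in sidejacking_findings(WEAK_SET_COOKIE):
        print("weak cookie:", finding)
    for label, exposed in exposure_matrix("http://social.example/home").items():
        print(f"{label:30s} -> {'EXPOSED' if exposed else 'not on the wire'}")
```

The matrix shows the same thing from both sides: the site can fix it by marking the cookie `Secure` (the browser then refuses to send it over HTTP at all, which is also why a site that still serves pages over HTTP has to move fully to HTTPS first), or the user can fix it for sites that already support HTTPS by forcing every request onto HTTPS, which is what the Force-TLS extension does.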


The Register

