Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Firesheep is a Firefox add-in showing how insecure HTTP sessions are

When you enter or view sensitive information on a website, the site should use HTTPS (which creates an encrypted SSL session) rather than a standard HTTP session. SSL encryption is especially important, and mandatory, for banking or any e-commerce transactions.

With Firesheep All Your HTTP Sessions Are Belong To Us
http://blogs.pcmag.com/securitywatch/2010/10/with_firesheep_all_your_http_s.php
http://www.technewsworld.com/story/Firesheep-Exposes-the-Soft-Underbelly-of-Website-Security-71115.html
http://www.networkworld.com/news/2010/102610-firesheeps-a-huge-hit-with.html
http://blogs.wsj.com/digits/2010/10/25/firesheep-highlights-web-privacy-problem/

QUOTE: If you didn't already know that plain HTTP sessions are utterly insecure, here's proof: A new Firefox addin named Firesheep captures sessions on open Wifi networks and goes one step more sinister. It finds users logged into Facebook, Twitter, Google, Amazon, Dropbox, Evernote, Wordpress, Flickr, bit.ly and other services. It lets you take over their sessions and become them.
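For site owners, the exposure described above can be checked from the response headers a site sends. The following is an added example, not part of the original post or the quoted article: it flags responses served over plain HTTP, session cookies set without the `Secure` attribute, and HTTPS responses without HSTS. The function name, host, and cookie values are constructed for illustration.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

def audit_response(url, headers):
    """Return findings for one response; headers is a list of (name, value)."""
    findings = []
    https = urlsplit(url).scheme.lower() == "https"
    if not https:
        findings.append("served over plain HTTP: traffic is readable on open Wi-Fi")
    hsts = False
    for name, value in headers:
        name = name.lower()
        if name == "strict-transport-security":
            hsts = True
        elif name == "set-cookie":
            jar = SimpleCookie()
            jar.load(value)
            for morsel in jar.values():
                # Without Secure the browser also sends the cookie on http:// requests.
                if not morsel["secure"]:
                    findings.append(f"cookie {morsel.key!r} lacks the Secure attribute")
    if https and not hsts:
        findings.append("no Strict-Transport-Security header: later visits may start over HTTP")
    return findings

# Constructed sample responses (hypothetical host and cookie values).
SAMPLES = [
    ("http://example.test/home",
     [("Set-Cookie", "session=abc123; Path=/")]),
    ("https://example.test/login",
     [("Set-Cookie", "session=abc123; Path=/; HttpOnly")]),
    ("https://example.test/account",
     [("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly"),
      ("Strict-Transport-Security", "max-age=31536000")]),
]

if __name__ == "__main__":
    for url, headers in SAMPLES:
        print(url)
        for finding in audit_response(url, headers) or ["ok"]:
            print("  -", finding)
```

The second sample is the case worth noticing: the login page itself is encrypted, but the cookie it sets is still sent in the clear on any later HTTP request to the same site.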