« Supreme Court Takes One, Leaves One | Main | Fastcase Joins the Big Boys of the Legal eContent Industry »
November 29, 2010
On Sharing, Stealing, and Protecting Your Cookies
It's Girl Scout Cookie season and everyone has their favorite flavor. It's nice to share cookies, right? Enter Firesheep, a Firefox add-on that allows anyone to steal your unencrypted cookies and hijack (or sidejack) your online session when using an unsecured wireless network (e.g., public WiFi connections at Starbucks or Panera). Firesheep works with selected social networking sites such as Twitter and Facebook. This means that a Firesheep user who is sitting within range of an unsecured network can hijack the Facebook session of an unsuspecting user and post to Facebook on that user's behalf. There is some protection by using another Firefox extension HTTPS Everywhere. However, HTTPS Everywhere is only effective if the websites you visit support HTTPS. Quoting Firesheep developer Eric Butler: "Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web. My hope is that Firesheep will help the users win." [BA]
November 29, 2010 | Permalink
