Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Firesheep, or how you can become a stalker in seconds

M

meelash

macrumors member
Original poster
Aug 7, 2008
56
0
http://codebutler.com/firesheep

Easy, one click HTTP Session hijacking from within firefox.

Step 1: Go to public wireless access point (coffee shop, student center, etc.)
Step 2: Have open, one-click access to people's facebook, twitter, etc.


Yup, it's really that easy.:eek:
 
Seriously, you guys don't find this an interesting topic of discussion?? I can't believe that no one here is not regularly using unsecured, free wireless at coffee shops and university campuses. You aren't surprised by how easy this is?


Obviously (I hope), the how to be a stalker thing was tongue-in-cheek.
 
I don't think many people realized this was in the news yesterday.

Perhaps you should have posted a link to facilitate the discussion.
 
meelash said:
Seriously, you guys don't find this an interesting topic of discussion?? I can't believe that no one here is not regularly using unsecured, free wireless at coffee shops and university campuses.
Click to expand...

Some of us have a data plan. ;)
 
meelash said:
Seriously, you guys don't find this an interesting topic of discussion?? I can't believe that no one here is not regularly using unsecured, free wireless at coffee shops and university campuses. You aren't surprised by how easy this is?


Obviously (I hope), the how to be a stalker thing was tongue-in-cheek.
Click to expand...

I have tried it at my school, the University of Utah, and the school has blocked certain ports. It says it cannot access some port and therefore won't work. However on the school's unsecured open network it does work.
 
I downloaded this and installed it. Note, it needs the latest build of Firefox to work.

I find this type of thing very interesting, and I certainly hope it forces Big Website to implement necessary changes. That said, I'm never on public networks doing things I need to have locked down tight, so it's no skin off my nose. Still, one of these days I'll take my MBP to the library and try it out. :D

Although, there are legal ramifications if you get caught. This type of covert espionage - however white-hat or yokel it may be - is illegal.
 
One thing to note is it does not work on encrypted networks regardless of whether you have the key.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back