Firesheep – why HTTPS is important

About 1 min reading time

Follow link to →

Eric Butler has written a Firefox extension which sniffs all connections made to insecure websites inside your current WiFi area. You can even double click on the identities in the sidebar and log in as them. Totally freaky. > HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy. This is a widely known problem that has been talked about to death, yet very popular websites continue to fail at protecting their users. The only effective fix for this problem is full end-to-end encryption, known on the web as HTTPS or SSL.