A Seattle developer unveiled Firesheep, a Firefox browser extension that exposes user information when connected to public WiFi connections. What does this mean for the future of personal security online?
Seattle software developer Eric Butler insists he developed the Firesheep add-on extension for Firefox for pure reasons.
Why are people so upset about Firesheep and the publicity it’s receiving?
Because Firesheep makes it easy to gain access to computer users’ Facebook, Twitter and other personal login information when connected to a public WiFi network.
How Firesheep Works
It’s pretty scary how easy it is. All a person with malicious intentions needs to do is connect to a public connection and access the Firesheep add-on. The personal information for all users will be in a drop-down list — all the person needs to do is double-cleck the user’s Facebook or Twitter profile photo to get access to their accounts.
Butler: Trying to Help?
Of course, just because it’s available and easy-to-use doesn’t mean it’s legal — Firesheep is basically a user-friendly way to hack. In fact, using Firesheep to gain access to another person’s personal accounts illegally is a violation of the Computer Misuse Act.
So why did Butler release it in the first place?
He claims its for purely altruistic reasons — he wants to expose how easy it is to gain access to personal information on public networks. He hopes Firesheep will inspire web developers to implement higher-encrypted logins for their website.
That might not happen for awhile, so your best bet in the meantime is to avoid open-connection WiFi networks whenever possible, or access open networks using a VPN client. Annoying, but a small price to pay for added web security.