Strangely, neither company has communicated directly with its users to warn them about Firesheep and this vulnerability.
Both Twitter and Facebook are aware of the vulnerability exposed by Firesheep and are working on solutions.
Like the popular Firesheep tool released in October, the hack demonstrates the insecurity of wireless networks.
FORBES: Smartphone Data Vulnerable To Base Station Spoof Trick
Between this and Firesheep, the moral of the story seems to be to avoid using public Wi-Fi networks.
FORBES: Those With Android Phones Should Avoid Public Wi-Fi Networks
Firesheep, the tool that makes hacking non-encrypted Web browsing sessions easy, has now been out for over a week.
Traditionally, adopting the security measures that prevent the easy hacking that Firesheep can do has been deemed too costly by website operators.
FORBES: Facebook Responds to Firesheep WiFi Security Controversy
Given the controversy, Firesheep may just result in a stampede to https.
FORBES: Facebook Responds to Firesheep WiFi Security Controversy
Also like Firesheep, the hack can be defeated by an encrypted connection.
FORBES: Smartphone Data Vulnerable To Base Station Spoof Trick
Facebook has just released new tools aimed at shoring up user's accounts against tools like FireSheep, by allowing people to always connect via a secure connection.
The legality of using Firesheep is less wooly when it comes to the Computer Fraud and Abuse Act, which criminalizes accessing computer systems without authorization.
After the experiment in the Cambridge cafe, the owners switched to a higher level of encryption for their network, making it impossible to use Firesheep.
Last fall the free tool Firesheep, which allowed anyone to snoop on unsecured nearby wifi connections, appeared on the Web and was downloaded hundreds of thousands of times.
FORBES: Encrypted Web Growth Poses Dilemma For Corporate Firewalls
But for anyone who wants to do their fellow network users a favor and really screw with anyone using Firesheep, one Icelandic hacker has come up with a more aggressive solution: FireShepherd.
FORBES: How To Screw With Firesheep Snoops? Try FireShepherd
The Web has been abuzz with warnings about Firesheep, a simple Firefox add-on that lets users steal cookies and snoop on the Facebook and Twitter activities of any fellow users on an unsecured wireless network.
FORBES: How To Screw With Firesheep Snoops? Try FireShepherd
So if you and a Firesheep user are in a coffee shop together taking advantage of free wireless and you visit a non-encrypted version of Facebook, the Firesheep user can hop into your account and take a look around.
应用推荐