Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / All-Topics

FireSheep Version 2.0

0.00/5 (No votes)
5 Mar 2012CPOL2 min read 24.9K  
FireSheep Version 2.0

FireSheep Version 1.0

I think about two years ago, I read about the FireSheep Firefox plug in that allows you to hijack any user's account to many different sites (Facebook, flickr, twitter, etc.) that is surfing on the same wifi connection that you are using. This can be extremely brutal to use in any coffee shop, hotel, airport, just sitting outside someone's house stalking them, whatever... The point is, the person who created this, Eric Butler, didn't do this as a hacking tool, but as a wake-up call to all the sites that aren't encrypting their connection via SSL, and a lot of them didn't even change that since...

FireSheep in action...

The Potential Danger

The second I read about this, I just couldn't stop thinking about what a dangerous tool this can become. Imagine this - someone expands this tool to send all the currently active session cookies in the current wifi network to an online database, and now all the active sessions from all the Firesheep users are shared worldwide. This means that you don't even have to be in the same wifi network as someone else to hijack their account. All you need is for someone else to be there while you're in the comfort of your own home... Isn't the internet a beautiful thing ??? :)

The Future...

Two years (maybe more) later, and I'm happy to see that no one did this yet, but I am still very afraid of the day someone will! I looked at Firesheep code a little just out of pure curiosity, but never even downloaded it or tried it myself. I'm not a hacker and not interested in becoming one. The one thing I am concerned about here is my own personal security, so I am still hoping that these sites will improve the security for the sake of their users. Unfortunately, sometimes the only thing that speeds up the process is a lunatic taking advantage of the current situation.

Till then, beware...

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)