Firesheep is a "new" FF addon (although based on some aged concepts) using WinPcap, which allows sniffing and capturing other people's connection data when they are, e.g., connecting to FB through a Wi-Fi hotspot. This hack was recently presented at ToorCon 12 in San Diego.
As Bruce Schneier said:
Schneier on Security: Firesheep (October 27, 2010)
Firesheep
Firesheep is a new Firefox plugin that makes it easy for you to hijack other people's social network connections. Basically, Facebook authenticates clients with cookies. If someone is using a public WiFi connection, the cookies are sniffable. Firesheep uses WinPcap to capture and display the authentication information for accounts it sees, allowing you to hijack the connection.
Protect yourself by forcing the authentication to happen over TLS. Or stop logging in to Facebook from public networks.
EDITED TO ADD (10/27): To protect against this attack, you have to encrypt the entire session -- not just the initial authentication.
Other link:
FireSheep ha.ckers.org web application security lab
Fortunately, another FF extension appeared recently, named BlackSheep, which is able to alert you when someone is sniffing your data with Firesheep.
BlackSheep Alerts You When Networking-Sniffing Tool Firesheep Is After Your Passwords
The latest release of EFF's HTTPS Everywhere may also help.
In conclusion (but is it really a surprise?): use SSL/TLS as often as possible (SBI supports SSL), and maybe also use NoScript to encrypt cookies (but I have had problems surfing on https SBI with "cookies encryption" activated in NoScript).
The 0.9.0 release of HTTPS Everywhere is a new beta version designed to offer improved protection against Firesheep. Most notably, it can provide much better protection for Facebook, Twitter and Hotmail accounts, as well as completely new protection for bit.ly, Dropbox, Amazon AWS, Evernote, Cisco and Github. Unfortunately, in order to obtain maximum Firesheep protection, especially on Facebook, you must take two extra steps:
* Turn on the "Facebook+" rule. You can do that in the Tools->Add Ons->HTTPS Everywhere->Preferences menu. It isn't on by default, because it can cause Facebook Apps to raise errors. We're still waiting for Facebook to fix this, and the chat problem :(.
* Install the Adblock Plus Firefox extension too, and use it to block the insecure http:// ads and trackers that Facebook (and other sites) sometimes include.
And for God's sake, don't use FB.
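For site operators, the "encrypt the entire session, not just the initial authentication" point can be checked from response headers. The following is an added example, not part of the original post or of any tool mentioned in it; the host name, cookie values and function names are constructed for illustration. It flags session cookies that a browser would still send over plain http:// after a TLS login:

```python
# Added example: audit one HTTP response for cookies that leak over cleartext.
from urllib.parse import urlsplit

def parse_set_cookie(value):
    """Return (cookie_name, set of lower-cased attribute names)."""
    first, *attrs = value.split(";")
    name = first.split("=", 1)[0].strip()
    flags = {a.split("=", 1)[0].strip().lower() for a in attrs if a.strip()}
    return name, flags

def audit_response(url, headers):
    """headers: list of (name, value) pairs taken from one HTTP response."""
    scheme = urlsplit(url).scheme.lower()
    findings = []
    has_hsts = False
    for name, value in headers:
        lname = name.lower()
        if lname == "strict-transport-security":
            has_hsts = True
        elif lname == "set-cookie":
            cookie, flags = parse_set_cookie(value)
            if scheme != "https":
                findings.append(f"{cookie}: set over cleartext HTTP")
            elif "secure" not in flags:
                # TLS login, but the cookie rides along on later http:// requests.
                findings.append(f"{cookie}: no Secure attribute, sent on later http:// requests")
    if scheme == "https" and not has_hsts:
        # Without HSTS the browser may still be sent back to http:// links.
        findings.append("no Strict-Transport-Security header")
    return findings

# Constructed sample responses (not captured from any real site).
LOGIN_ONLY_TLS = ("https://social.example/login", [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
])
FULL_SESSION_TLS = ("https://social.example/login", [
    ("Strict-Transport-Security", "max-age=31536000"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly; Secure"),
])

if __name__ == "__main__":
    for url, headers in (LOGIN_ONLY_TLS, FULL_SESSION_TLS):
        print(url, audit_response(url, headers) or "ok")
```
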