Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security Encryption Firefox Privacy Social Networks Software Wireless Networking News

Firefox Extension Makes Social-Network ID Spoofing Trivial 185

Posted by timothy
from the plausible-deniability-for-farmville dept.
Orome1 writes "A simple-to-use Firefox plugin presented yesterday at Toorcon in San Diego has hit the security world with the realization that squabbles about Facebook's changing privacy settings and various privacy breaches simply miss the point. 'When it comes to user privacy, SSL is the elephant in the room,' said Eric Butler, the developer of the extension in question, dubbed Firesheep. By installing and running it, anyone can 'sniff out' the unencrypted HTTP sessions currently allowing users on that network segment to access social networks, online services and other website requiring a login, and simply hijack them and impersonate the user."
This discussion has been archived. No new comments can be posted.

Firefox Extension Makes Social-Network ID Spoofing Trivial

Comments Filter:

Civilization, as we know it, will end sometime this evening. See SYSNOTE tomorrow for more information.

Working...