Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


Firefox extension makes social network ID spoofing trivial

Oct 26, 2010, 19:32 (1 Talkback[s])

[ Thanks to Chao-Kuei Hung for this link. ]

"A simple-to-use Firefox plugin presented yesterday at Toorcon in San Diego has hit the security world with the realization that squabbles about Facebook's changing privacy settings and various privacy breaches simply miss the point.

""When it comes to user privacy, SSL is the elephant in the room," said Eric Butler, the developer of the extension in question, dubbed Firesheep. By installing and running it, anyone can "sniff out" the unencrypted HTTP sessions currently allowing users on that network segment to access social networks, online services and other website requiring a login, and simply hijack them and impersonate the user."

Complete Story

Related Stories: