Suspected PayPal Hackers Seek Deal To Stay Out Of Prison
Did A Google Earth Mistake Cause A Couple's Brutal Murder?
Fight Firesheep with FireShepherd
Earlier this week, a login-cookie-snooping Firefox plug-in called Firesheep rocked the Internet by letting anyone compromise your Facebook or Twitter account over a wireless network. Alarmed at Firesheep's 200,000 downloads, an Icelandic engineering student named Gunnar Sigurdsson created FireShepherd, a program that crashes Firesheep with floods of nonsense packets. Although Firesheep was originally created to prove a point about insecure login credentials on social networks, the huge number of downloads means that it could be a security risk to everyday users. Sigurdsson compares it to "living in a house with nothing but windows." Of course, security researchers or malicious users could patch up the Firesheep flaw that FireShepherd exploits, but FireShepherd's creator has vowed to keep finding new ways to stop the snooping plug-in.
[via Forbes]
Comments
3
Subscribe to commentsSteve SchwartzOct 29th 2010 10:58AM
FYI, Firesheep is not a "password-snooping" plugin. It has nothing to do with your password; it does not find or store your password. It hijacks your session *after* you've logged in by copying the cookie that the website (facebook, twitter, whatever) sends back to you after you login.
GeorgeOct 30th 2010 11:05PM
This is silly. FireShepherd doesn't do anything to solve the problem.
The only fix is for sites to fix their security problems.
beaujanglesNov 5th 2010 7:56PM
when will both be made available for chrome?