Topic: They climbin in your internets, snatchin all your info up

[BlackNMild2k1]

so hide your passwords, hide your cookies
so hide your passwords, hide your cookies
and protect your network, cause they hackin everyone out here [/autotune]

FIREFOX EXTENSION LETS YOU HACK INTO OTHER PEOPLES ACCOUNTS AT THE CLICK OF A BUTTON!!
http://codebutler.com/firesheep

Developer Eric Butler has exposed the soft underbelly of the web with his new Firefox extension, Firesheep, which will let you essentially eavesdrop on any open Wi-Fi network and capture users’ cookies.

As Butler explains in his post, “As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed” in the window. All you have to do is double click on their name and open sesame, you will be able to log into that user’s site with their credentials.

Within an hour of Butler’s post appearing on Hacker News, Firesheep was downloaded more than 1,000 times and evidence of usage has already popped up on Twitter in fantastic fashion.

According to Butler’s post, he created this seemingly diabolical tool to expose the severe lack of security on the web. We spend so much time quibbling over the minutia in privacy policies, we lose sight of the forest, or in this case, gaping security holes.

“Websites have a responsibility to protect the people who depend on their services. They’ve been ignoring this responsibility for too long, and it’s time for everyone to demand a more secure web. My hope is that Firesheep will help the users win,” Butler says.

Go to View -> Sidebar -> Firesheep -> Start Capturing -> Log into one of the sites it sniffs for and you should see your info pop up on the sidebar if you didn't use SSL.

Here's the list of sites it looks for in the network:
Amazon.com
Basecamp
Bit.ly
Cisco
CNET
Dropbox
Enom
Evernote
Facebook
Flickr
Foursquare
GitHub
Google
Gowalla
Hacker News
Harvest
Windows Live
NY Times
Pivotal Tracker
ToorCon: SD
Slicehost: Slice Manager
Tumblr
Twitter
Wordpress
Yahoo
Yelp

so go download this, get over to starbucks.... or your college wifi hotspot and PM me the juiciest results
http://github.com/codebutler/firesheep/downloads

p.s. you are only vulnerable to this on shared networks, so the only people able to hack you(or vice versa) are the people on the same network as you.
p.p.s. This is not something new either, public networks have always been this vulnerable, this app just makes it so everyone can do it.
So don't log onto personal information while on public networks unless you have taken all precautions to protect your info, like:
https://www.eff.org/https-everywhere

[BranDonk Kong]

Lovely. I only use a MAC filter at home, but you would pretty much have to be inside my house to steal my signal anyway.

[NWR_insanolord]

As someone who is forced to use a shared network on campus, this is frightening to me. It's making me consider using a tethered connection to my iPhone for anything sensitive.

[TheBlackCat]

Your university network is not secured?  That's pretty shocking.  Most seem to use 802.1x nowadays.

[NWR_insanolord]

Nope, it's just MAC filtered 802.11g.