Fire Sheep - Black Sheep and other tools forcing Facebook to upgrade protection
Personally I take comfort that FireSheep is here as it will force web companies to upgrade their protection of your “data.” Often debates rage about what content you post about yourself but the majority of users have little appreciation of what actually happens several layers below the user interface. Most users have to assume that someone understands and will protect them – this is a great example of that, as the mechanics were there to protect you, but many companies did not implement them. This is much like Privacy International who stand up for your privacy rules and regulation.
FireSheep is a Firefox plugin, released as an open source and provides a simple tool, that once installed, can be used to steal cookies from any computer off the same access to unsecured Wi-Fi network. If you ‘borrow’ WiFi or access insecure WiFi in public, you will lose your FaceBook login to anyone running FireSheep. Very dangerous if you are a student on campus!
The reason Toorcon decided to release this plugin is to raise awareness of the problems that arise when companies do not use SSL. FireSheep is not the only way hackers can steal your login information but this plugin means anyone can. There are other, more sophisticated hacking programs that allow hackers to do the same. For the more technically minded check out http://codebutler.com/firesheep These methods are not new in fact anyone with some tech experienced could steal your cookies if you use unprotected WiFi to access the internet.
If you are worried who is trying to steel your login in – you can download BlackSheep which is a FireSheep detection tool, it will not stop them stealing but you will know who it is. Counter espionage.
More here http://blogs.computerworld.com/17338/some_thoughts_on_blacksheep_and_firesheep