What’s The Deal With Firesheep?
Firesheep makes it trivially easy for even non-advanced users to hijack authenticated web sessions being transmitted over wifi networks under the following circumstances:
- If you’re using a non-https site (e.g. Twitter, Facebook, and lots of others)
- If you’re using an https site with poor session management (such as redirecting some of the site to http and transmitting cookies for the authenticated session over http). Lots of sites that use https put https protections at risk by mis-handling session cookies.
Not using https, or not using good session/cookie management, has been either a calculated, mitigated risk or just laziness on the part of site designers. For lots of medium-sensitivity sites (like social network sites), users who understand the choice have been OK with not using https as a mitigated risk. Then of course there are lots of users who don’t understand the choice.
The thought process has basically been that it’s hard enough to intercept traffic in most usage scenarios and the sensitivity of the data is low enough (i.e. it’s not like it’s your banking site) that it’s a good security tradeoff. It’s been regarded as secure enough, and the rate of session hijacking incidents could be expected to remain low.
The availability of something like Firesheep changes this equation considerably on open wifi networks. For sites that don’t use https, or that use https with poor session/cookie management, the rate of session hijacking incidents when accessed via open wifi networks can be expected to become much higher in pretty short order.
Open wifi isn’t the problem in particular. Poor website security design is the problem. The same basic risk of interception of sensitive data exists as your web session traffic moves across the various intermediate networks between your computer and the website you’re using. But the interception of traffic on those networks is much more difficult and is generally exposed to a much smaller set of potential bad actors. With Firesheep, on open wifi networks the degree of difficulty has been reduced to the point that the risk of session hijack is much, much higher.
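For site owners, the second circumstance above (an https site that still lets the session cookie travel over http) can be checked from the response headers of an https login. The following is an added example, not code from Firesheep or from this post: the header values, the cookie names and the `example.test` host are constructed, and the set of session cookie names is an assumption you would adjust per site.

```python
from urllib.parse import urlsplit

# Constructed sample: headers a site might return to an HTTPS login request.
SAMPLE_RESPONSE = [
    ("Set-Cookie", "session_id=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "auth_token=xyz789; Path=/; Secure; HttpOnly"),
    ("Set-Cookie", "theme=dark; Path=/"),
    ("Location", "http://www.example.test/home"),
]

# Assumption: names of the cookies that carry the authenticated session.
SESSION_COOKIE_NAMES = {"session_id", "auth_token"}


def parse_set_cookie(value):
    """Return (cookie name, set of lowercase attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def audit_https_response(headers, session_names=SESSION_COOKIE_NAMES):
    """List header findings that expose the session to a passive listener."""
    findings = []
    for key, value in headers:
        k = key.lower()
        if k == "set-cookie":
            name, attrs = parse_set_cookie(value)
            # Without Secure, the browser also sends the cookie on http requests.
            if name in session_names and "secure" not in attrs:
                findings.append(f"cookie '{name}' lacks Secure attribute")
        elif k == "location":
            # An absolute redirect to http moves the session off TLS.
            if urlsplit(value).scheme.lower() == "http":
                findings.append(f"redirect downgrades to http: {value}")
    return findings


if __name__ == "__main__":
    for finding in audit_https_response(SAMPLE_RESPONSE):
        print(finding)
```

A cookie such as `theme` is not flagged because it does not carry the session; only the names in `SESSION_COOKIE_NAMES` are held to the Secure requirement.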
More information:
http://codebutler.com/firesheep-a-day-later
