It isn’t often that I am struck speechless by a development in the tech industry, but that’s exactly what happened to me this week with the release of the Firesheep extension for the Firefox Web browser.
For those of you haven’t heard about it yet, Firesheep is a new extension developed by Eric Butler, a freelance Web and software developer. What this extension does is that it allows anyone on an unsecured Wi-Fi network to see everyone else on the network, and by doing a packet interception, it will let you see all the sites they are signed into. Want to see what they’re Facebook is like? Double click the sidebar listing for Facebook and you’ll be logged into the social site as that person.
Firesheep works off of a form of hacking called “packet sniffing” and while it has been around for years, it was never anything your average person knew how to go about doing. And that’s why Firesheep has grabbed everyone’s attention as it has turned every Firefox user into a potential hacker. Estimates say that the unofficial Firefox extension was downloaded more than 100,000 times in its first week.
If you’re home Wi-Fi network is secured, you’re fine, but the next time you decide to run down to the local coffee shop that offers unsecured free Wi-Fi, you may be allowing someone else in the coffee shop into your social accounts without your knowledge. There are a ton of fixes that have been suggested, most of them involving proxy servers, but how many people have ever heard that term let alone knowing how in he world to work it? The easiest answer of course is only being on a secured Wi-Fi network, and you may want to talk to the coffee shop owner about securing their network.
While the ease with which people can do this now is a disturbing development, you also have to tip your hat to Mr. Butler for bring more attention to the serious issue of Wi-Fi security that so many people ignore. That’s part of what delayed me writing about this because I was annoyed by its creation, but after a lot of thought I had to admit the impact I was seeing in the tech blogosphere changed my mind. It seems people are finally taking security at least somewhat more seriously, and that’s never a bad thing.
What say you? Is Firesheep a good or bad thing? Have you tried it out?
