Runboard.com
You're welcome.







runboard.com       Sign up (learn about it) | Sign in (lost password?)

 
Queenyforever Profile
Live feed
Blog
Friends
Miscellaneous info

Platinum Member

Registered: 01-2007
Location: Walking a new path in Nature.
Posts: 765
Karma: 1 (+1/-0)
reply | quote
BEWARE of Firefox addon FIRESHEEP!


FIRESHEEP............dangerous!

Hubby's company sent out emails from the security dept.


On Sunday October 24th a “security vulnerability demonstration tool” was released to the public by a well intentioned security researcher.

The aim was to demonstrate how trivial it is to hijack a users web browser session when using shared public WiFi – for example, Starbucks.

 

The utility created for the purpose of the demonstration is beyond simple. It requires no experience at all, allowing any average Joe to become an accomplished and extremely malicious hacker in a matter of minutes, permitting them to log in as you with a single click.

 

The name of the utility is “FireSheep” and has been downloaded 450,000 times since Sunday. There are already widespread reports of it being used for malicious purposes ranging from simple identity theft to bank fraud.

 

Some of the websites directly targeted by this utility include:

 

n Cisco.com

n Facebook.com

n Yahoo.com

n Ebay.com

n Amazon.com

 

This vulnerability has ALWAYS been present with unsecured public WiFi; FireSheep only makes it worse by simplifying the attack vector.

 

Absolutely NO form of AntiVirus or [local] firewall can protect against this. It is a flaw inherent to wired and wireless networks.

The only things which mitigate this attack is full SSL encryption beyond the initial user authentication and this is generally not something you have control over.

 

As a general rule, don’t trust any networks with sensitive information which are open to the public and do not require a password.

If you have a phone which supports tethering and you are on a data-plan which permits doing so, use that instead of the public WiFi.

 

For more information see ISC:SANS & PCWORLD

 

http://isc.sans.edu/diary.html?storyid=9817

 

http://www.pcworld.com/article/208727/firefox_addon_firesheep_brings_hacking_to_the_masses.html


Queenyforever, 29/10/10, 23:11


---

*The noblest art is that of making others happy ~ P.T. Barnum.*
'Stay where there are songs."....Gypsy proverb~

29/10/10, 23:08 Link to this Post Send an Email to this person   Send a PM to this person Blog
 
The Wizard3 Profile
Live feed
Blog
Friends
Miscellaneous info

Owner / Designer

Registered: 06-2006
Location: Castle Belgalor
Posts: 2201
Karma: 3 (+3/-0)
reply | quote
Re:


Thanks for posting this Queeny, a good heads up for all, nice one.

Happy Thanksgiving to you and all
24/11/10, 14:09 Link to this Post Send a PM to this person Blog
 


Add A Reply





You are not logged in (login)
--> The Runboard Web-Ring <--
Previous | Home | Join | Random | Next