Firesheep intercepts social network accounts over WiFi
CAMPBELL, Calif. (KGO) -- Nobody pays attention when a person walks into a coffee shop and logs a laptop onto the free public WiFi network. But what happens next should put you on the alert. An application called Firesheep can start tracking who is using Facebook or Twitter, intercepting data that allows a total stranger to take over your account.
"Now they can actually capture the cookie that passes along the identity information, and they can hijack your account or anybody that's using Firesheep can hijack your account," says McAfee security expert Joris Evers.
How is this possible? While a website may require a password to log in, many don't encrypt subsequent transmissions. That creates a security gap.
One customer we spoke to was logged onto Facebook while studying, but wasn't too concerned.
"It's mainly just like asocial network for me," says Campbell resident Irina Moiseyeva. "I only use it to kind of catch up with people every so often, but it's not like I'm saying, 'Oh, here's my Social Security mumber.'"
Firesheep was created by two Seattle programmers trying to wave a red warning flag.
"I wrote Firesheep because I was tired of having to deal with websites that were ignoring this problem of user privacy," says software programmer Eric Butler.
At the same time, their free application has been downloaded 800,000 times, empowering people to become identity thieves.
"The people who really need to watch this video are Facebook, and they need to realize they're the ones that make this possible," says Butler.
ABC7 contacted Facebook, but we have not heard back from them.
Firesheep also sniffs for account data for Twitter and 22 other popular websites.
"It brings to the forefront the risk of the public WiFi networks with unencrypted traffic, but also the fact that these websites, like the social networking sites you mentioned, don't encrypt their traffic throughout," says Evers.
Something to think about.
"I feel like privacy is definitely not guaranteed, and it's up to you to be aware of when you're covered and when you're not," says Campbell resident Sarah Schott.
internet, identity theft, facebook, twitter, campbell, technology, david louie
- Bay to Breakers draws thousands to San Francisco
- Tejay van Garderen wins Tour of California
- Two Powerball tickets in Calif. have 5 of 6 numbers
- NFL set to vote if Bay Area will host Super Bowl
- 2 men arrested in killing teen over iPad in Las Vegas
- Girl killed, parents hurt by shots fired into home
- Child injured in fall from second-story window in SF
- Emergency officials monitor Wichita-area tornado 2 min ago
- Warriors PG Stephen Curry set to receive key to city 16 min ago
- SF police ask for help in solving 2012 B2B homicide
- US gas prices up 11 cents over past 2 weeks
- abcnews: Men Struggle With Wives' Breast Cancer
- roundup: Fairfield shooting; Redwood City fire 41 min ago
- weather: Bay Area weather forecast for Sunday
Most Viewed StoriesMost Viewed VideoMost Viewed Photos