Be (even more) careful with public hotspots. Firesheep released yesterday. Brilliant and scary.


For more information on this, as well as, a decent write up on an actual testing of this extension, see the Network World on Security article published today. Firesheep is scary, but its not that brilliant and really can't do much if you use an encrypted WiFi connection or VPN.
Its like the itunes of session hijacking...
Maybe I'm missing something, but wouldn't this also work on an encrypted wireless or wired network with arp poisoning?

Diary Archives