Public Service Announcement: Be Wary of Public WiFi

As some of you may have heard, a programmer named Eric Butler has released a Firefox add-on called Firesheep that allows you to hijack the cookies of nearby open wifi users who are logged into non-SSL encoded sessions to websites - like Facebook for example.

More information on it is available here:

The ability to do this has actually been around forever - it’s just moved from “trivial with basic networking/programming knowledge” to “trivial to someone who knows how to use a web browser”.

I just use a VPN when on a public hotspot.

Reminds me that I should just switch to a powerline network and then I don’t have to worry about someone cracking my wifi either.

I read on Lifehacker that there’s something called Fireshepherd that helps lock your stuff down when you’re on public wi-fi.

It does no such thing.

Use Blacksheep instead.

It floods the network with packets to confuse any Firesheep clients running on the local network, and tries to itself sniff out Firesheep. If detected, you are told the IP address of the Firesheep client so that when you are in Starbucks, you can yell “Whichever one of you motherfuckers is IP running Firesheep, you’ve got 10 seconds to clear the fuck out of here before I kick your fucking teeth in.”

That is awesome. I’m deploying that immediately.

Although the flood of packets has got to wreak havoc on crappy consumer grade hotspots and make the network crap for everyone, doesn’t it?

Depending on the hardware, maybe. That is damn cool though.

Well, it’s not a DDoS in that sense, and I worded that quite poorly. It puts a whole bunch of fake session information out on the wire at regular intervals… sort of like a sonar ping from a destroyer… and then listens to see if anyone else starts rebroadcasting the fake session info… and then BAM, gotcha you dirty Firesheep runner.
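The detection idea in the post above is a honeytoken: a decoy session cookie that only the decoy machine should ever send, so any other source presenting it has replayed sniffed traffic. The following is an added example of that check, not Blacksheep's own code; the log line format, the canary value and the IP addresses are all constructed for illustration.

```python
import re
import secrets

# Constructed canary cookie. In a real deployment the decoy machine would
# generate a fresh value with make_canary_cookie() and broadcast it periodically.
CANARY_NAME = "session_id"
CANARY_VALUE = "c0ffee00deadbeef1234567890abcdef"

# Constructed sample of the kind of log a monitoring box might keep:
# "<source ip> <method> <path> cookie=\"<Cookie header>\"" (hypothetical format).
SAMPLE_LOG = [
    '192.168.1.20 GET /home cookie="session_id=c0ffee00deadbeef1234567890abcdef; lang=en"',
    '192.168.1.31 GET /home cookie="session_id=1111aaaa2222bbbb3333cccc4444dddd"',
    '192.168.1.77 GET /inbox cookie="lang=en; session_id=c0ffee00deadbeef1234567890abcdef"',
    '192.168.1.40 GET /favicon.ico',
    '192.168.1.77 POST /settings cookie="session_id=c0ffee00deadbeef1234567890abcdef"',
]

LOG_RE = re.compile(r'^(?P<src>\d+\.\d+\.\d+\.\d+) \S+ \S+(?: cookie="(?P<cookie>[^"]*)")?$')


def make_canary_cookie(name=CANARY_NAME, nbytes=16):
    """Return a (name, value) pair with an unguessable decoy value."""
    return name, secrets.token_hex(nbytes)


def parse_cookie_header(raw):
    """Split a Cookie header ("a=1; b=2") into a dict, ignoring malformed parts."""
    cookies = {}
    for part in raw.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            cookies[name] = value
    return cookies


def find_canary_replays(log_lines, canary_name, canary_value, trusted_sources=()):
    """Return the sorted list of source IPs that presented the canary cookie
    without being the decoy host that legitimately sends it."""
    hits = set()
    for line in log_lines:
        match = LOG_RE.match(line)
        if not match or match.group("cookie") is None:
            continue  # unparseable line or request without cookies: nothing to check
        cookies = parse_cookie_header(match.group("cookie"))
        if cookies.get(canary_name) != canary_value:
            continue  # a real session, not our decoy
        if match.group("src") not in trusted_sources:
            hits.add(match.group("src"))
    return sorted(hits)


if __name__ == "__main__":
    replays = find_canary_replays(
        SAMPLE_LOG, CANARY_NAME, CANARY_VALUE, trusted_sources={"192.168.1.20"}
    )
    for src in replays:
        print(f"canary session replayed from {src}")
```

The decoy host (192.168.1.20 in the constructed sample) is whitelisted because it is supposed to send the canary; any other address carrying the same value is reported once, however many requests it made. The canary only works if it is genuinely random and used nowhere else, which is why `make_canary_cookie` draws from `secrets` rather than a predictable counter.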

Awesome. I’m running this on all public wifi now. They just need to build this into DD-WRT and have auto-flagging occur when detected. Allow the router to send an email over SMTP if anyone is detected using Firesheep so admins can ban their MACs. Something tells me the vast majority of people who might use something like Firesheep might not be smart enough to fake their MAC addy.