Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Firesheep is a Mozilla Firefox extension that uses packet sniffing to hijack unsecured Wi-Fi network sessions and capture unencrypted website cookies during network data transmission.
Firesheep was created by software developer Eric Butler and released in 2010 to prove the security risks associated with a number of popular websites, including Facebook and Twitter. The software served to highlight a major Web browsing security flaw that could expose users to malicious hackers. Of course, its capabilities were also useful to hackers, leading to some public concern about the software.
Most websites require user credentials, such as username and password, for authentication. After verification, website servers respond with unencrypted cookies for subsequent browser requests, which enables easy hijacking - especially in open Wi-Fi hot spot locations.
Firesheep essentially analyzed unencrypted Web traffic between a Wi-Fi router and the computers on the same network. As a Web browser exchanges cookie information with a website, Firesheep is able to snag session cookies, which could provide unrestricted access to a user's email, Facebook or Amazon account.
Although many websites have since switched to SSL connections, public Wi-Fi still presents security risks to users. Best practices should be used.