Slashdot Mirror

← Back to Stories (view on slashdot.org)

Herding Firesheep In NYC — Do Users Care?

Posted by timothy on from the not-so-much dept.

An anonymous reader writes "Following the Firesheep uproar, I spent some time telling people who don't read Slashdot about the vulnerability that open WiFi networks create in what seemed like the most effective way possible: by sidejacking their accounts and sending them messages about how it happened. The results were surprising — would users really rather leave their accounts open to intruders rather than stay off Facebook at Starbucks? The link recounts the experience, and also lists some rough numbers of how many accounts could be compromised at a popular NY Starbucks location."

3 of 200 comments (clear)

  1. Re:If you did this to me by pthisis · · Score: 4, Informative

    It Takes a Thief got the owner's permission before staging the break-ins. If you got someone's permission before attempting to sidejack their account, you'd probably be in the clear. Without it, you're breaking the law.

    --
    rage, rage against the dying of the light
  2. Re:They care - they're filing lawsuits by MichaelSmith · · Score: 3, Informative

    Gary LosHuertos

            * Gender: Male
            * Astrological Sign: Scorpio
            * Industry: Consulting
            * Occupation: Software Engineer
            * Location: New York : NY : United States

    Whoops! Your tongue is now a magnet. Whatever will you use for silverware?

    Plastic.
    Interests

            * road trips
            * programming
            * languages
            * movies
            * going out to eat
            * perkins
            * ihop
            * grammar
            * legends of the hidden temple

    Favorite Movies

            * Garden State
            * Little Miss Sunshine
            * Finding Neverland
            * Center Stage
            * Sphere
            * 1984
            * The Devil Wears Prada
            * Moulin Rouge
            * 28 Days Later
            * Cruel Intentions
            * Dogma
            * Contact
            * Rules of Attraction
            * LOTR

    Favorite Music

            * Alanis Morissette
            * Dixie Chicks
            * RHCP
            * Ben Folds
            * Styx
            * Journey
            * Eurythmics
            * The Police
            * Weezer
            * Indochine
            * Chumbawamba
            * Les Vulgaires Machins
            * Wicked
            * The Beatles
            * Jimmy Eat World
            * Avenue Q
            * Jason Robert Brown
            * Do As Infinity
            * U2
            * Fischerspooner
            * Chicks on Speed
            * Les Miserables
            * Talking Heads
            * They Might be Giants
            * Phantom Planet
            * Motion City Soundtrack
            * ABBA

    Even if thats all made up, this guy has posted more than one item to this blog.

    --
    http://michaelsmith.id.au
  3. Even forced SSL doesn't work by George_Ou · · Score: 4, Informative

    Forced SSL doesn't even work for Google, Twitter, and Facebook and probably most other sites even if they support SSL. That's because the javascript on those pages will opt to transmit authentication cookies in the clear. http://www.digitalsociety.org/2010/10/even-forced-ssl-is-broken-for-facebook-google-twitter/