Firesheep Countermeasure Tool BlackSheep

Orome1 writes "Slashdot already covered Firesheep, the Firefox extension that makes it easier to steal logins and take over social media and email accounts after users log in from a WiFi hotspot or even their own unprotected network. Zscaler researchers have created, and are now offering to every consumer, a free Firefox plugin called BlackSheep, which serves as a counter-measure. BlackSheep combats Firesheep by monitoring traffic and then alerting users if Firesheep is being used on the network. BlackSheep does this by dropping 'fake' session ID information on the wire and then monitors traffic to see if it has been hijacked."

Re:or just use proper security

[datapharmer]

well kind of... that plugin fails in that it requires you to add in each domain you want to use ssl for. I would recommend force-tls for firefox and KB SSL enforcer for chrome (the second is not completely secure due to chrome's design, but hoping that will be fixed soon).

Tell that to these 170 'nobodies'...

[Animaether]

The recent arrest of a 23-year-old California man that has allegedly hacked e-mail accounts of more than 170 women and posted sexually explicit pictures found within them to the victims' Facebook accounts, has highlighted the need to limit the amount of personal information posted on various social networks.

- http://www.net-security.org/secworld.php?id=10096

Counter-counter measures

[embolalia]

How long until Firesheep implements something that detects a Blacksheep trap, and doesn't respond to it? Will Blacksheep then implement a detection detector?

Re:Since this thing attacks Firesheep

[qubezz]

It should have been named white sheep, to prevent against black [hat/sheep] hackers.