Slashdot Mirror


Firesheep Countermeasure Tool BlackSheep

Orome1 writes "Slashdot already covered Firesheep, the Firefox extension that makes it easier to steal logins and take over social media and email accounts after users log in from a WiFi hotspot or even their own unprotected network. Zscaler researchers have created, and are now offering to every consumer, a free Firefox plugin called BlackSheep, which serves as a counter-measure. BlackSheep combats Firesheep by monitoring traffic and then alerting users if Firesheep is being used on the network. BlackSheep does this by dropping 'fake' session ID information on the wire and then monitoring traffic to see if it has been hijacked."
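
The decoy-and-watch idea in the summary above, as an added example that is not BlackSheep's code and not part of the original post: a random session ID that no login ever issued is sent out, and any later request carrying it from another address is flagged. The host names, IP addresses, cookie name and the match-on-source-address rule are assumptions; the traffic is constructed sample data.

```python
import secrets
from http.cookies import SimpleCookie

def make_decoy(host, cookie_name):
    """Create a decoy session: a random ID that no real login ever issued."""
    return {"host": host, "name": cookie_name, "value": secrets.token_hex(16)}

def cookie_values(cookie_header):
    """Parse a Cookie request header into a {name: value} dict."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    return {name: morsel.value for name, morsel in jar.items()}

def find_replays(decoys, own_ip, observed):
    """Return alerts for requests that replay a decoy ID from another address.

    observed: iterable of (src_ip, host, cookie_header) tuples standing in
    for HTTP requests seen on the local network (assumed input format).
    """
    index = {(d["host"], d["name"], d["value"]) for d in decoys}
    alerts = []
    for src_ip, host, header in observed:
        if src_ip == own_ip:
            continue  # our own decoy going out, not a replay
        for name, value in cookie_values(header).items():
            # Only the exact decoy value, sent to the decoy's host, counts.
            if (host, name, value) in index:
                alerts.append({"src_ip": src_ip, "host": host, "cookie": name})
    return alerts

def demo():
    """Constructed traffic: decoy sent, normal request, replay, wrong host."""
    own_ip = "192.0.2.10"
    decoy = make_decoy("social.example", "session_id")
    header = f"{decoy['name']}={decoy['value']}"
    observed = [
        (own_ip, "social.example", header),                      # decoy leaving us
        ("192.0.2.77", "social.example", "session_id=abc123; theme=dark"),  # real user
        ("192.0.2.55", "social.example", f"lang=en; {header}"),  # decoy replayed
        ("192.0.2.55", "other.example", header),                 # different host
    ]
    return find_replays([decoy], own_ip, observed)

if __name__ == "__main__":
    for alert in demo():
        print("decoy session replayed from", alert["src_ip"], "to", alert["host"])
```

Because the decoy value was never issued by a login, a match from another address cannot be an ordinary user's request.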

  1. or just use proper security by datapharmer · · Score: 4, Insightful

    Or you could just force tls/ssl on sites that support it and render firesheep useless. Because you know, being alerted that your information just got stolen is much better than using proper security in the first place.... or not.

    --
    Get a web developer
    1. Re:or just use proper security by iammani · · Score: 5, Informative

      Exactly, this is what EFF's Firefox Addon does.

  2. Since this thing attacks Firesheep by Spy+Handler · · Score: 4, Funny

    shouldn't it be called Firefox?

    Oh wait...

  3. So, to clarify... by Jugalator · · Score: 4, Insightful

    Since this extension only *informs* and does nothing else, such as actively disrupt Firesheep's functionality, you will still be busted if doing insecure communication on the network, see this warning suddenly pop up, and are already using Twitter/Facebook/...? And in this case, you would have to "ZOMGQUIT!!!" to have any chance of being safe.

    For how long can a session be hijacked anyway? If you close your browser, is the session instantly invalidated? Or only after like 5 minutes? I mean, in that case, Blacksheep could scream all it wants, and you'll still be a potential victim even if it warned you and you closed your browser (or tab).

    --
    Beware: In C++, your friends can see your privates!
    1. Re:So, to clarify... by Barefoot+Monkey · · Score: 4, Informative

      For how long can a session be hijacked anyway? If you close your browser, is the session instantly invalidated? Or only after like 5 minutes? I mean, in that case, Blacksheep could scream all it wants, and you'll still be a potential victim even if it warned you and you closed your browser (or tab).

      As long as the hijacker keeps using your session the session will stay alive, even if you close your browser. But if you actually log out of the website then the hijacker gets kicked off too. So if Blacksheep tells you that someone's on your account then log out of Facebook immediately. Or, better yet, check that your email address hasn't been changed while the other guy's been on your account, then log out.

  4. Re:Secure login by marcansoft · · Score: 4, Informative

    Secure login doesn't matter. You need secure everything, or people can just steal your session cookie. That is almost as bad as having your login stolen.

  5. Re:Secure login by SharpFang · · Score: 4, Insightful

    Firesheep doesn't steal login credentials, only hijacks an (insecure) session that is already (securely) authenticated.

    You log in securely, you receive a cookie that proves you did. You present it to a webpage, the webpage allows you to access the content, because the cookie identifies and authorizes you. Then someone else obtains a copy of your cookie and their browser, upon presenting the cookie to the website, receives the same treatment as your own. Since the cookie is sent in plaintext in headers of every common unencrypted connection, obtaining it is trivial (compared to secure login).

    Examples? Facebook, Myspace, Twitter, enough for you?

    --
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  6. Master Yoda says: by TheWarp · · Score: 4, Funny

    Begun, the sheep wars have.

  7. Should Provide For Fun Trips To Starbucks by mastershake82 · · Score: 4, Funny

    Not because I care enough to use it to try to protect the 'sheep'. But I know that somebody will.

    I can't wait to be at Starbucks when a socially awkward 17 year old stands up triumphantly to save the day by alerting everyone that there is a 'Firesheeper' in the building hijacking their cookies!