Hacking has never been so easy.
A Firefox add-on for Mac and Windows called Firesheep is designed to allow any user to access Facebook, Twitter, Amazon, Google, WordPress and many other password-protected accounts of others on the same public Wi-Fi network. A sidebar appears listing the available accounts to hack, with the users’ name or username and often a picture.
So, basically, anyone with Firesheep can hack into every Facebook account on this campus.
On an open Wi-Fi network like Duke’s, a student with Firesheep can use this program in classrooms to hack into their classmates’ accounts on poorly secured websites. When a Facebook user in close proximity signs into the website, Firesheep catches this action and makes the user’s account available to the hacker.
The program occasionally fails in buildings many Wi-Fi ports, such as in the library or the Bryan Center. And, even in classrooms, Firesheep may not catch every available account.
If you're worried about people reading your Facebook messages, changing your password or making purchases on your Amazon account, then you should protect yourself against Firesheep. Make sure that your web session is completely secure, and install a Firefox add-on HTTPS Everywhere or encryption methods like SSH Sock proxy.
For Facebook, specifically, you just can go to Account Settings >> Account Security, and check the box that says “Browse Facebook on a secure connection (https) whenever possible.”
Protecting yourself isn’t so difficult, either.
Get The Chronicle straight to your inbox
Signup for our weekly newsletter. Cancel at any time.