U GON GET HACKED
hide your facebook
hide your hotmail
hide your chatz
they rapin errybody out here
Most websites don't encrypt communication (gmail is an exception). When you access them with your laptop, anyone else on the same network (including the potentially thousands of people using wifi alongside you at a university) is receiving all the same data that you are.
Now, even the dumbest sites will encrypt the initial username / password (https). However, most of them will stop there, but the cookie allowing access is STILL BEING PASSED AROUND (http).
Normally, other computers hold their ears closed and say "na-na I can't hear you". Firesheep doesn't; to the contrary, it analyzes the data, extracts names of services (Facebook), pictures (their Facebook profile pic) and names of users (John Doe), then presents a nice handy sheet with icons for you to click on.
Pick one, doubleclick, and you've "hacked" someone's account.
hide your hotmail
hide your chatz
they rapin errybody out here
Most websites don't encrypt communication (gmail is an exception). When you access them with your laptop, anyone else on the same network (including the potentially thousands of people using wifi alongside you at a university) is receiving all the same data that you are.
Now, even the dumbest sites will encrypt the initial username / password (https). However, most of them will stop there, but the cookie allowing access is STILL BEING PASSED AROUND (http).
Normally, other computers hold their ears closed and say "na-na I can't hear you". Firesheep doesn't; to the contrary, it analyzes the data, extracts names of services (Facebook), pictures (their Facebook profile pic) and names of users (John Doe), then presents a nice handy sheet with icons for you to click on.
Pick one, doubleclick, and you've "hacked" someone's account.