Firesheep Firefox Add-on Hijacks Facebook And Twitter Accounts

A security researcher has released an add-on for Firefox that allows anyone to hijack a user's Twitter or Facebook accounts over an open Wi-Fi connection.

The add-on, named 'Firesheep', was released by web application developer Eric Butler during the ToorCon security conference held in San Francisco and is designed to hijack a user's current internet session over the unsecured Wi-Fi network.

The main motive behind the release of the add-on is to make people aware of the dangers of accessing unencrypted websites from public Wi-Fi hotspots, Butler said.

“This is a widely known problem that has been talked about to death, yet very popular websites continue to fail at protecting their users. The only effective fix for this problem is full end-to-end encryption, known on the web as HTTPS or SSL,” he wrote on his blog.

Butler also criticised social networking platforms Facebook and Twitter for not introducing SSL encryption on their website, despite knowing the kind of dangers not using it poses for their users.