Firesheep Creator: 129,000 Copies Downloaded in One Day

Yesterday, we reported on Firesheep, the Firefox extension that allows anyone to log into anyone else’s social media accounts so long as both parties are connected to an unsecured wireless network. Understandably, the existence of such a thing freaked a lot of people out: There’s fortunately a way of protecting your accounts against Firesheep, but the number of people who do so is likely to be slim compared with the number of people who routinely access unsecured networks.

Recommended Videos

The number of people who downloaded Firesheep was not slim, however. Eric Butler, the software developer who created the controversial extension to draw attention to the alarmingly widespread vulnerability to HTTP session highjacking to which many major websites subject their users, has reflected on the first day of Firesheep’s life, and he reveals that more than 129,000 people have downloaded it. As one Redditor quipped, “Seems like every wannabe hacker and his brother downloaded that thing.”

Butler:

The real story here is not the success of Firesheep but the fact that something like it is even possible. The same can be said for the recent news that Google Street View vehicles were collecting web traffic. It should not be possible for Google or anybody to collect this data, whether intentional or not. Going forward the metric of Firesheep’s success will quickly change from amount of attention it gains, to the number of sites that adopt proper security. True success will be when Firesheep no longer works at all.

An across-the-board improvement in website security will take time, but people are beginning to see the risks of using insecure websites right now.

One useful safeguard: The EFF’s HTTPS Everywhere, which makes Firefox use only HTTPS connections, which aren’t vulnerable to sidejacking. It’s not perfect — Butler notes that “It does not appear to be immediately simple for users to add sites without some development experience,” and it doesn’t support all websites (though this is the fault of the sites and not the extension) —  but it’s a start. The finish won’t come until major websites safeguard their users rather than leaving all but the most tech-savvy at risk.

(Eric Butler via Reddit)


The Mary Sue is supported by our audience. When you purchase through links on our site, we may earn a small affiliate commission. Learn more
related content
Read Article ChatGPT Voice That Sounds Like Scarlett Johansson in ‘Her’ Shut Down Following Backlash
joaquin phoenix wearing glasses with a mustache in her
Read Article Surprising No One, All 3,878 of Elon Musk’s Cybertrucks Are Being Recalled
Elon Musk during a T-Mobile and SpaceX event
Read Article ‘Mamma Mia!’ Star Sara Poyzer Says a BBC Production Replaced Her With AI
Sara Poyzer performs at the Magic at the Musicals event in 2019
Read Article In Moment of Unbelievable Irony, Midjourney Accuses Stability AI of Image Theft
Spider-Man pointing at another Spider-Man, who is pointing back.
Read Article Elon Musk May Be the Lesser of Two Evils in This Legal Battle With OpenAI
Elon Musk at the 2022 Met Gala
Related Content
Read Article ChatGPT Voice That Sounds Like Scarlett Johansson in ‘Her’ Shut Down Following Backlash
joaquin phoenix wearing glasses with a mustache in her
Read Article Surprising No One, All 3,878 of Elon Musk’s Cybertrucks Are Being Recalled
Elon Musk during a T-Mobile and SpaceX event
Read Article ‘Mamma Mia!’ Star Sara Poyzer Says a BBC Production Replaced Her With AI
Sara Poyzer performs at the Magic at the Musicals event in 2019
Read Article In Moment of Unbelievable Irony, Midjourney Accuses Stability AI of Image Theft
Spider-Man pointing at another Spider-Man, who is pointing back.
Read Article Elon Musk May Be the Lesser of Two Evils in This Legal Battle With OpenAI
Elon Musk at the 2022 Met Gala