Monday, November 8, 2010

BlackSheep – Firefox Add-on - Protect Against Firesheep

Zscaler Creates Free Tool That Allows Consumers To Protect Against Firesheep Security Threat

BlackSheep alerts users if sessions are hijacked after logging in to a social network or email

Firesheep enables others to surreptitiously “hijack” your user session, without your knowledge or consent, after you log in to Gmail or popular social networks such as Facebook and Twitter. Recently released by developer Eric Butler at the Toorcon security conference in October, Firesheep was downloaded over 100,000 times in the first 24 hours alone. Because it, also, is offered as a free Firefox plugin, Firesheep can be obtained by anybody, letting them listen passively on a network to obtain session information on users logged in to over two dozen popular websites. All a Firesheep user needs to do is click on a newly captured session to be effectively logged in with your credentials (username and password). Because it’s so easy, the likelihood of it being misused for wrong-doing or attacks on consumers is high.

By design, BlackSheep is a countermeasure to Firesheep to help consumers combat this threat and avoid falling victim, and it’s the only protection mechanism that exists to date. Given the popularity and rapid growth of Firesheep, BlackSheep can provide peace of mind to users on shared WiFi, home or corporate networks. Once downloaded, it displays a warning when Firesheep is detected.


No comments: