Firesheep is a Firefox extension (.xpi) to sniff out cookies in unsecured wifi networks, and as simple as a double click – it logs you in as that person once it has sniffed out the cookie. I’ve tested it on Wireless@SG and IT WORKS! Firesheep sniffed out a few accounts within minutes of logging into Wireless@SG. So if you think you’re safe, think again.
Please note that I’ve only used Firesheep for testing purposes with no malicious intents but to educate the unaware.
In order to avoid this, use Wireless@SGx instead. I’ve tested it on Wireless@SGx and it doesn’t work on this network because it’s encrypted with a WPA2 Enterprise encryption.
If you’re an iCELL user, go to http://www.icellwireless.net/wsgx/user_guide/ to set up.
If you’re a SingTel/SingNet user, go to http://pas.singtel.com/wsg_connect/ to set up.
If you’re an M1 user, go to http://www.m1net.com.sg/wireless-sg/ssa/downloads.html to set up.
For those interested to check if it actually works, you can download Firesheep for Mac OS X and Windows. It will work for any OPEN networks (not encrypted).
Disclaimer: Please be aware that Singapore’s law is very strict with regards to these kinds of activities which will land you behind bars. I’m not responsible as to how you use this software.
Related posts:
Pingback: 65Bits #192: A Sad Week
Pingback: BlackSheep – Detecting Firesheep Running on the Same Network @ JustinLee.sg
Pingback: HTTPS on Twitter – Go Enable it NOW! | JustinLee.sg