Computer hackers surf new program
MOST people have heard the term “a wolf in sheep’s clothing”. However, this old expression may need to be changed to a “hacker in sheep’s clothing” due to a sneaky new program called Firesheep, which allows hackers easy access to information on computers logged on to unsecured wireless networks.
Firesheep is a downloadable plug-in application for internet browsers which allows users to scan for unsecured wireless networks and steal “cookies” – files automatically stored on computers using the network which can contain automatic log-in information for some websites.
Websites such as Facebook, Twitter and some web mail services like hotmail allow users the option to automatically log-in to their accounts when they navigate to their pages, which creates a cookie file on their computer with their log-in information.
If Firesheep users get a hold of these cookie files, it can allow them to log-in in to the victim’s account and view information. It also grants them the freedom to make any changes they like, such as status updates or sending emails and messages.
Computer Troubleshooters North Coast owner Tony Hattam said downloading the plug-in and taking over someone’s account on an unsecured network was a relatively easy process and warned people to take precautions.
“It’s certainly quite insidious,” Mr Hattam said.
“Thankfully, it can’t track your username and password details, but it’s certainly the easiest way I’ve seen to take advantage of someone’s unsecured wireless connection.”
Mr Hattam said unprotected wireless networks were vulnerable to the process and once a hacker had gained access to a computer on the network, they could then view and copy these cookies files to various web accounts at their leisure.
Fortunately, sites such as bank websites which requested a password every time the user logged-on were safe from Firesheep attacks, but hackers could still potentially cause havoc and embarrassment by hijacking people’s Twitter, Facebook or web mail accounts.
According to Mr Hattam, the Firesheep program had been downloaded more than 129,000 times in the day after it was released so there were a huge number of potential hackers just waiting for an opportunity.
Mr Hattam said this, combined with the fact that many people were unintentionally running unsecured networks, gave potential Firesheep hackers a buffet of different targets to choose from.
He said the best way to thwart potential “sheepers” was to make sure any wireless networks were secured and password-protected and to avoid logging on to an unsecured public network.
“Setting up a password or securing your broadband connection is very easy to do,” Mr Hattam said.
“Even things like the free wi-fi at McDonald’s can leave your computer at risk from programs like Firesheep.”
He said a secure wireless network had to often be manually set up by the user and encouraged anyone wanting to establish a new network or secure their existing one to thoroughly read any documentation which came with the equipment.
Mr Hattam also said to run any software which originally came bundled with the equipment because this often walked users through the process of securing their wireless network.