Hijacking FON user's Facebook & Twitter sessions using firesheep

Tue, 12/14/2010 - 18:42 by Damien Leroy • Categories:

In the following video, we show that it is easy (i.e. anybody can do it) to hijack FON user's sessions (i.e. access his Facebook, Twitter,... accounts) using a simple Firefox extension. You simply have to be connected on the same access point, which is an open access point in the case of FON and most hotspots.

In addition, we remind that FON also raises legal issues for the user sharing his Internet connection. He might be sued for his "visitors"'s misbehavior since he shares with his visitors the same public IP address that is used to trace back illegal behaviors on the Internet.

There is a clear need for a more secure WiFi sharing solution than FON and other techniques relying on open WiFi.