Facebook Twitter LinkedIn E-mail RSS
Home Wireless Security Firesheep Plugin Exploits Google
formats

Firesheep Plugin Exploits Google

Researchers Vincent Toubiana and Vincent Verdot developed a Firesheep plugin that expose a data leak vulnerability in Google.

The proof-of-concept, exploiting the use of unencrypted cookies by Google’s Web History, allows  attackers to find out who your social contacts are and who is in your Google address book when you are sharing the same WiFi hotspot as him / her.

The Hacker News [2] provides a more technical overview of the technique used.

The Google Security Team has been alerted in regards to the vulnerability. While they are working on the fix, they recommend that users should not logged in to Google account when using an unsecured network [1].

 

A video by Sophos on preventing yourself from being a victim of Firesheep:

 

References

  1. Researchers extend Firesheep to exploit Google Search data leakMark Stockley.  September 08, 2011.
  2. Google Web History  vulnerable to new Firesheep AddonThe Hacker News. September 09, 2011.

Leave a Reply

Your email address will not be published. Required fields are marked *


9 + five =

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>