Firesheep

[Chiefcrowe]

This tool demonstrates how easy it is to intercept credentials of non SSL websites.
i thought it was pretty interesting and scary!!

http://codebutler.com/firesheep

 

[0roo0roo]

funny thing...anandtech forums doesn't enforce ssl...
ftl!

 

[Gamingphreek]

SSL/TLS is not the end all be all to defeating Firesheep. I would imagine that Anandtech ties a cookie to various other aspects of a user (IP-Address, Hashed username, etc...), not just arbitrarily sending it.

The big deal with Firesheep is that it makes the average computer user a real threat to basic level security.