Firesheep nabs credentials through website weaknesses.
It’s no great secret that public and open Wi-Fi networks are not particularly secure. But developer Eric Butler’s alarming new proof of concept, called Firesheep, shows just how simple it is to steal log-in credentials, and how many popular websites leave their users exposed. Many sites offer a secure log-in feature, but then rely on an unencrypted cookie to identify your session and keep you signed in. When you’re using an open Wi-Fi network, these cookies are “basically shouted through the air,” as Butler writes on his site. That makes it very easy for someone to monitor traffic over the wireless network, identify cookies and make copies of them for their own nefarious purposes…
Firesheep listens for cookies being sent over the network, and grabs them. When a session from an unprotected site is detected, the sidebar automatically displays usernames and corresponding account photos, if available. Simply clicking on a user’s name opens the target site with that user’s account, allowing you free reign over their data. The list of vulnerable sites includes popular (and potentially dangerous) destinations, like Google, Facebook, Twitter, Amazon and Dropbox.