Forums | Reviews | Search | Full Version

Firesheep is a Firefox extension designed as a way to show just how insecure some websites are. You can sit on an open network and 'listen' for passwords to popular sites that don't properly or fully implement HTTPS and SSL. The folks at codebutler want to call attention to poorly coded sites and users who don't think before sending their passwords over open WiFi Networks (and yes, people with less high-minded goals can also use the tool).

PreCentral reader Sebastian has ported the plugin over to webOS. The above video shows Firesheep on the Pre easily hijacking a Gowalla session. The webOS Firesheep app does not show a list of nearby logged in accounts like the Firefox plug in, but in the video it automatically detects the Gowalla log in and takes it over. 

The lesson? Ask websites that don't offer secure login to do so. Or use VPN (which, by the by, is built-in to webOS 2.0). Or just keep an eye out for Pre owners at your local Starbucks and pay special attention if one happens to look at you and cackle maniacally.

Source: Youtube; Thanks Sebastian!