Visit me elsewhere:

Cookie Session-Stealing

FireSheep is a FireFox extension for easy session stealing.

Many websites nowadays still do not use secure cookies for authentification. This is a huge problem on unsecure WIFI; e.g. if you’re using a public WIFI when you’re out. To pressure hosters to actually do something this Addon makes it extremely easy to hijack accounts if cookies are not secured.

Check the slides from Eric Butlers talk. (arrow keys to navigate)

The problem itself is a widely known, very old problem. Still, many, even big, websites did not really bother to actually secure their sessions.