What the heck is a firesheep? | Frogbox

I wanted to take a break from the regular “moving box” talk and share a brief tech-tip with you this week!

With more followers then the now infamous Charlie Sheen, Ashton Kutcher is one of twitters biggest celebrities. Unfortunately for him, even his 6 million followers couldn’t keep poor Ashton from getting punk’d himself and falling victim to a security loophole that could effect you as well. As you can see from the picture above, Ashton’s twitter was hijacked a few months back and this rouge tweet was posted to his account.

So how did it happen?

More likely then not, someone on the same wireless network was using an easily accessible and free firefox extension called firesheep to obtain Ashton’s login credentials by accessing the unsecured cookie’s on his computer.

… ok, so whats a cookie?

When you login to a website like Facebook or Twitter something called cookie is transferred to your machine, this is a token that grants you access back to the same website so you don’t have to continually log in every time you return to the site. The standard is that the login process is secured, however, on some websites including Twitter and Facebook, the information stored in this cookie is not.

How can you protect yourself?

Thankfully, many websites such as Gmail use a security protocol called SSL to prevent this from happening. Unfortunately not all websites have adopted these same security procedures, in the mean-time the best thing you can do to is install some kind of protection such as BlackSheep, Firesheperd, or HTTPS Everywhere.

For more information about firesheep check out these links:

Firesheep on Wikipedia

Firesheep Vigilante Warns Exposed Users by Messaging Them With Their Own Facebook Accounts Via Gizmodo

What is Firesheep? (a more detailed explenation)

Equipment Rented: Frogbox Inc. ("Frogbox") hereby rents to you (the "Renter"), and Renter hereby hires from Frogbox, the equipment specified in the Invoice order details (the "Equipment"). Renter agrees with the count in the above itemized equipment list.
Rent: Renter shall pay Frogbox rent in the amounts stated in the Renter's Invoice, adjusted for actual rental period.
Rental Terms: The rental and related charges shall commence upon the date Equipment is delivered by Frogbox Inc. and shall terminate on the date Equipment is picked up by Frogbox Inc.
Ownership: Equipment is, and shall at all times remain, the sole and exclusive property of Frogbox.
Warranty: Frogbox warrants that Equipment is in satisfactory operating condition at the time of delivery and will replace (if possible) at no charge, any equipment that fail during normal operation, but not as a result of damage or mishandling. Frogbox is not responsible for the methods or conditions of Equipment operation or for the results obtained.
Alteration: No alteration to the Equipment may be made without the prior written consent of Frogbox. Proper care and maintenance of the equipment during its use will be the responsibility of RENTER. Equipment, which is returned in a condition requiring cleaning or repairs due to excessive wear and tear or mishandling, will be brought back to rentable condition at the expense of RENTER.
Assignment: Neither this Agreement nor Equipment may be assigned, transferred, or in any way encumbered by Renter without written consent of Frogbox.
Risk of Loss: Promptly upon the arrival of Equipment at the Renter's facility, the Renter will carefully inspect the Equipment to determine whether it has been damaged during delivery. In the event of any such damage, the Renter will promptly inform Frogbox and a replacement will be provided. If the Renter shall fail to notify Frogbox of any damages within one business day of the receipt of the Equipment, then the Renter shall be deemed to have accepted the Equipment as being in acceptable operating condition. During the period of the Renter's possession and control of the Equipment, all risk of loss, destruction of, or damage to the Equipment, from any cause whatsoever shall be borne by the Renter.
Security Deposit: The cost to repair damaged equipment or the replacement for equipment not returned will be charged to the Renter's credit card. Any unpaid rent may also be charged to the Renter's credit card. Customers paying with a cheque will be required to provide a credit card for the security deposit.
Payment Terms: Due upon delivery by Visa, MC, Amex or Cheque. Rental extensions will be charged automatically and is calculated based on the equipment pick-up date and time.
Returned Cheque: A $20 NSF fee will apply to a returned cheque. Both the Renter's invoice and NSF fee will be charged to the Renter's credit card.
Operation: The Renter will use the Equipment in a safe and respectful manner. The Renter shall indemnify and hold Frogbox harmless from any liability whatsoever resulting from the Renters use of the Equipment. Frogbox is not responsible for the results of any loss or damages caused by the Renter's move.
Default and Remedies: Renter shall be deemed to have breached this Agreement if the Renter: a. Defaults in any payment as set forth in the Renter's order form. b. Defaults in any of the terms herein and such default shall continue uncorrected for five (5) days after written notice hereof to Renter by Frogbox or c. Becomes insolvent, or if a petition is filed by or against Renter under the Bankruptcy and Insolvency Act (Canada) or any other law concerning the relief of debts, or the petition is not discharged within 30 days.
Termination: In the event of any default, Frogbox may declare the entire amount of unpaid rental payments immediately due and payable, and Frogbox Inc. may immediately terminate this agreement. In the event of such termination, Frogbox Inc. may enter into the premises where Equipment is located and remove same. All costs and expenses to recover equipment and/or rental fees, including legal fees incurred in execution of this section, will be paid by Renter.