Firesheep Hacker Pokes Privacy Holes in Facebook, Twitter
Online banking operations, for example, only allow for persistent authentication. Facebook and Twitter, however, do not. In most situations, the lack of a continuous secure connection is not a problem, as the authentication cookie sits on the user's browser and is not easy to hack. But on public Wi-Fi networks, these cookies are literally floating through the air, a flaw that Firesheep exploits by grabbing them and allowing anyone who has installed the Firesheep extension to access a Facebook session started by someone on any wireless network.
The link for this article located at Advertising Age is no longer available.