We Hack For You

3. Stealing Cookies

Cookies allow a website to store information on a user's hard drive and later retrieve it. These cookies contain important information that a hacker can sniff out and steal if they are on the same Wi-Fi network as the victim. They don't actually get the login passwords, but they can still access the victim's account.

Firesheep is a Firefox add-on that sniffs web traffic on an open Wi-Fi connection. It collects the cookies and stores them in a tab on the side of the browser.

From there, the hacker can click on the saved cookies and access the victim's account, as long as the victim is still logged in. Once the victim logs out, it is impossible for the hacker to access the account.

How to Protect Yourself

• On Facebook, go to your Account Settings and check under Security. Make sure Secure Browsing is enabled. Firesheep can't sniff out cookies on HTTPS, so try to steer away from HTTP.
• Full time SSL. Use Firefox add-ons such as HTTPS-Everywhere or Force-TLS.
• Log off a website when you're done. Firesheep can't stay logged in to your account if you log off.
• Use only trustworthy Wi-Fi networks. A hacker can be sitting across from you at Starbucks and looking through your email without you knowing it.
• Use a VPN. These protect against any sidejacking no matter what website you're on.