Firesheep: Helping Users Win.

Transcript

1. Firesheep marcus ortiz helping users win.

2. released by Eric Butler on Oct 2010 at Toorcon 12

3. allows users to hijack sessions

4. None

5. full SSL encryption is the only countermeasure

6. Was the decision to release Firesheep to the public ethical?

7. why is this important?

8. Arguments Against privacy exploitation legal issues

9. Arguments For helping users win

10. SE Code 4.01 [software engineers shall] temper all technical judgments

    by the need to support and maintain human values

11. SE Code 4.01 Eric Butler shall temper his decision to

    release Firesheep by the need to support and maintain web users’ privacy

12. “Privacy rights are enshrined in our Constitution for a reason,

    a thriving democracy requires respect for individuals' autonomy as well as anonymous speech and association.” -EFF (Electronic Frontier Foundation)

13. yes Butler’s decision to release Firesheep to the public was

    ethical

14. references 1. http://codebutler.com/firesheep 2. http://www.acm.org/about/se-code 3. https://github.com/codebutler/firesheep 4. http://arxiv.org/pdf/1108.5864v1 5.

    http://www.law.cornell.edu/uscode/18/1030.html 6. http://www.law.cornell.edu/uscode/18/ usc sec 18 00002511----000-.html 7. https://www.eff.org/work