Information Technology Reference
In-Depth Information
networks and criticized the social network companies for not providing more security
[13, 14, 15, 16].
Responding to criticism for providing a tool that makes it easy for ordinary com-
puter users to perform sidejacking, Butler wrote: “The attack that Firesheep demon-
strates is easy to do using tools that have been available for years. Criminals already
knew this, and I reject the notion that something like Firesheep turns otherwise innocent
people evil” [17].
Three months after Butler released Firesheep, Facebook made the following an-
nouncement:
Starting today we'll provide you with the ability to experience Facebook en-
tirely over HTTPS. You should consider enabling this option if you frequently
use Facebook from public Internet access points found at coffee shops, airports,
libraries or schools. The option will exist as part of our advanced security fea-
tures, which you can find in the “Account Security" section of the Account Settings
page. [18]
In March 2011, Twitter announced it was offering an “Always use HTTPS” op-
tion [19].
ACT UTILITARIAN ANALYSIS
The release of Firesheep led the media to focus on the risks associated with the use of
certain Web sites from unsecured wireless networks, and a few months later Facebook
and Twitter made their Web sites more secure. There continues to be strong pressure
for other Web services to follow suit. These are tremendous benefits for everyone who
accesses the Web at a public Internet access point without encryption.
Butler was right when he predicted that Firesheep would not turn people into
criminals. Even though half a million people downloaded Firesheep in the first week,
there was no evidence of a big increase in identity theft or even malicious pranks. The
harms caused by Firesheep appeared to be minimal. Because the release of Firesheep
caused great benefits and negligible harm, we conclude it was a good action from a
utilitarian point of view.
VIRTUE ETHICS ANALYSIS
Butler demonstrated civic responsibility by using his technical skills to develop Fire-
sheep, a piece of software that dramatically illustrated, even to nontechnical people, the
lack of security when unencrypted HTTP messages are sent over an unencrypted Wi-Fi
network. On the day he released Firesheep, Butler wrote on his blog:
On an open wireless network, cookies are basically shouted through the air,
making [sidejacking] attacks extremely easy. This is a widely known problem that
has been talked about to death, yet very popular websites continue to fail at protect-
ingtheirusers....Facebookisconstantly rolling out new 'privacy' features in an
endless attempt to quell the screams of unhappy users, but what's the point when
someone can just take over an account entirely? [11]
 
Search WWH ::




Custom Search