Researchers extend Firesheep to exploit Google Search data leak

Filed Under: Data loss, Featured, Google, Privacy, Vulnerability

Firesheep infiltrates GoogleA pair of security researchers have created their own version of the notorious Firesheep plugin to expose a data leak in the world's favourite search engine.

The proof-of-concept plugin exploits the use of unencrypted cookies by Google's Web History feature.

Although you need to be logged in to make use of Web History it does not require an encrypted (HTTPS) connection. This flaw can allow attackers to find out what you've been searching for, who your social contacts are and who's in your Gmail address book.

The new variant of Firesheep allows hackers to easily exploit the flaw if they are sharing the same WiFi hotspot as you.

For researchers Vincent Toubiana and Vincent Verdot the choice to adapt Firesheep must have been obvious. The original Firesheep was released last October by a security researcher fed up with what he saw as the failure of big websites such as Twitter and Facebook to protect their users. Whilst his efforts weren't greeted with a chorus of approval they do appear to have had the desired effect.

The good news is that this latest exploit does not allow attackers to take over users' Google Accounts. However, it does expose private data. In the researchers' own words:

"while the direct access to users’ data is subject to a strict security policy, using personalized services (which may leak this same personal information) is not"

Anyone thinking that search histories are innocuous need only cast their mind back to 2006.

In a well-intentioned but disastrous move AOL released a sizeable chunk of its users' search data for research purposes. And what did we learn? That users put all sorts of private information into search engines.

AOL user 17556639's search historyThe supposedly anonymised searches included names, addresses and social security numbers amongst other things. In some cases users' search histories built up to create mosaic-like pictures of their lives (and in the sinister case of user 17556639 not a flattering one).

As well as introducing their take on Firesheep,  Toubiana and Verdot's recent paper outlines a number of ways to acquire the offending cookies, including just Googling for them.

They estimate that about 50% of Google's users have Web Search History switched on and that many users are unaware of it. To make matters worse the compromised cookies are used across more than 20 websites including some web behemoths like Google Search, Google Maps, YouTube and Blogger.

The researchers have already alerted the Google Security Team who are working on a fix. In the meantime they recommend making sure you’re not logged in to your Google account when you’re using an unsecured network.

Although it is possible to protect yourself when searching by using Google's HTTPS search many of the webpages where the cookie can be exposed don't offer HTTPS as an option.

If you don't use Web Search History or you've never heard of it you may want to visit your search history page and disable it.

For more information on this research you can download Toubiana and Verdot's paper "Show Me Your Cookie And I Will Tell You Who You Are" from

You might also like to watch our video showing you how to counter Firesheep and its friends, even on unencrypted WiFi:

(Enjoy this video? Why not check out the SophosLabs YouTube channel?)

, , , ,

You might like

3 Responses to Researchers extend Firesheep to exploit Google Search data leak

  1. Wisperbird · 1446 days ago

    That is why I use two step verification.
    Even if the get my password, they will have to steal my laptop too, to get into my account.

    • Pablo · 1446 days ago

      Have you read the article? It doesn't say anything about password or account stealing. It's talking about your private search data being exposed to anyone who's using the same unprotected WiFi hotspot as you are.

  2. Meratvforum · 1436 days ago

    I wonder what made Mozilla include a stupid menu bar in version 4 for win xp, when there are 73% windows users using win xp, vs 17.5% using win 7.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Mark Stockley is an independent web consultant who's interested in literally anything that makes websites better. Follow him on Twitter at @MarkStockley