This has nothing to do with HTTP, nothing to do with cookies, nothing to do with Wifi, nothing to do with capturing packets being 'easier' (?!?), nothing that is easier since 2003.
It has to do with a very simple concept that many do not seem to understand: If you are on the same network as somebody else, and you are not using an SSL connection, other users on the network will see everything. And further, even if you are using SSL, if you aren't checking the key sigs, they can again see everything.
Cookies are simple and elegant and are not the problem - the solutions have existed for almost 20 years.
Firesheep is great because it is not only switching on users who had no clue, but also developers who have no clue.
It has to do with a very simple concept that many do not seem to understand: If you are on the same network as somebody else, and you are not using an SSL connection, other users on the network will see everything. And further, even if you are using SSL, if you aren't checking the key sigs, they can again see everything.
Cookies are simple and elegant and are not the problem - the solutions have existed for almost 20 years.
Firesheep is great because it is not only switching on users who had no clue, but also developers who have no clue.