In the last few days a tool has been released that allows almost anyone to gain access to your web accounts when accessed insecurely. The attack used is not new, but the simplicity of operation significantly increases the chance of being exploited by a curious person experimenting in your favourite cafe.

Idiocy is designed to warn people of the risks they're taking on public wifi networks. While quietly running in the background Idiocy watches for people visiting Twitter insecurely, hijacks the session and posts a tweet warning them that they are vulnerable, with a link to a page explaining what has happened.

Given that most websites will not be making SSL the default any time soon, the only option is to educate people. Run Idiocy on your laptop and make people aware.

The code is up, why not add support for Bebop, or Myface, or whatever is trendy these days?