We used an open-source tool called Firesheep released by a developer called Eric Butler, with the aim of alerting both websites and web users to a security threat. Firesheep demonstrates the results of HTTP session hijacking attacks.
Firesheep allows the hijacking of anyone's online accounts when they're using social networking sites on a public wi-fi network, and our research team used it in various public places - though always after getting permission first from their targets.
They ask these two questions:
1) Do you realize that you are susceptible to the use of software by a third party to get into your password-protected social networking identity?
2) Would you like me to show you?
The results of the study was covered in an extensive segment by BBC Technology editor Rory Cellan-Jones on BBC Newsnight, the UK's flagship current affair's programme.