2
I am developing a Linux-based security appliance. One of its functions is to cloak a user's traffic within a VPN, and I need a simple way of demonstrating that this function is working properly, and more importantly, to demonstrate why a user would need this type of protection (to prevent eavesdropping, man in the middle attacks, etc.)
At first I thought that Firesheep would make an excellent demonstration. If a user were to see his/her Facebook, Twitter, etc. account come up in a Firesheep scan as he/she uses the internet sans my security product, this is something he/she could instantly recognize; also, when I (pretending to be the attacker) hijack their identity, read and post on their wall, etc., this makes for a very impactful demonstration. (Note: I would be using my own "pretend" Facebook account when giving live demos, I would never actually compromise an actual user's account) However, as more and more sites enforce always-on HTTPS, this is becoming less and less effective. (Good for security in general, bad for this type of demonstration!)
My only other thought was to run Wireshark and do packet captures. Unfortunately while more advanced users would easily understand this, I fear that a novice would find it very confusing, even if I were to explain what's going on in great detail. Also, it is unrealistic to expect a novice/less advanced user to be able to do this on their own.
Any thoughts/ideas?