I found the article How To Protect Against Firesheep Attacks on the Computerworld web site.

Firesheep  adds a sidebar to Mozilla’s Firefox browser  that shows when anyone on an open network — such as a coffee shop’s Wi-Fi network — visits an insecure site.

A simple double-click gives a hacker instant access to logged-on sites ranging from Twitter and Facebook to bit.ly and Flickr.

I had to read this a couple of times before it hit me.  Someone else is running Firesheep on their computer to detect when you access your account on an insecure web site from your computer. You don’t have to be using Firefox to be hacked. Firesheep then allows that other person to access your account on that web site.  A few hundred thousand people have already downloaded Firesheep to their computer.

The article does mention some protective measures you can take.  For the ordinary user who has not taken any of those measures, you should not be accessing your personal accounts from an unencrypted Wi-Fi hot spot.  Most such spots are unencrypted.

I suspect that if you are accessing the internet via a wireless router that is not using strong encryption, then you are also vulnerable.  Places where you might do that other than your own leaky wireless router at home (if you are not using encryption at home) would be in a hotel or on vacation in a rented condo.

Update October 29, 2010

The article Firefox Add-on Firesheep Brings Hacking to the Masses in PC World, may or may not bring some clarity to this subject.  That depends on which of the criticisms in the comments you believe.