Digital TrendsTechnology news and Product Reviews

How to prevent Firesheep hacks, attacks and hijacking

Molly McHugh By

Firesheep

Before you decide to go off the grid entirely, check out these easy ways to prevent Firesheep hacks, attacks and hijacking.

Airports, coffee shops, and campuses everywhere became a little more dangerous this week when Wi-Fi hotspots were inundated with curious “hackers” who downloaded the Firesheep plug-in to take a peek at their neighbors Internet habits.

The downloadable Firefox extension created by Seattle Web developer Eric Butler and released to the public this week has been a hit with novice hackers everywhere. While Firesheep does allow users to hijack someone else’s Internet session, it doesn’t give them access to passwords or other account information that a person isn’t viewing.

But just as swiftly as the annoyingly easy-to-use extension was unleashed on Wi-Fi connections everywhere, a couple of quick fixes have been introduced. Here is how you can avoid inadvertently exposing your private information through Firesheep.

Use a VPN

Besides the very obvious resource of avoiding public Wi-Fi networks altogether, one option is to use a virtual private network (VPN) when connecting. A VPN will act like a guard when using Wi-Fi and encrypts all of your information circulating between you and the Web. It isn’t free, however, and runs around $5 to $10 a month. There are varying opinions on how much using a VPN protects users.

Download a Firefox plug-in

If that’s not enough security or if you aren’t concerned enough to pay a subscription rate, Firefox itself wants to offer a solution to its own problem. The browser offers two different, free plug-ins that encrypt your information when visit specific sites. HTTPS-Everywhere and Force-TLS prevent snooping on particularly personal sites, like Facebook, Twitter, and PayPal.

Force-TLS lets you design the list of sites you’d like protected and HTTPS-Everywhere comes with its own. If you use a different browser, however, you’re out of luck: These are available only through Firefox, but if you care about a private net session it’s worth it to use Firefox momentarily.

Beware the evolving ‘sheep

These tools will keep Firesheep users out of your computer, but it doesn’t fix the real problem: that these sites full of very personal information aren’t encrypting all of that. Butler insists that he waits for the day that Firesheep will be unusable, saying on his blog “Going forward the metric of Firesheep’s success will quickly change from amount of attention it gains, to the number of sites that adopt proper security. True success will be when Firesheep no longer works at all.”  He also warns, or really, promotes, that more versions of Firesheep are in development. But if his experiment results in making the Web a safer place, maybe the hoards of Wi-Fi users currently paranoid about the Internet activity will thank him.

In Case You Missed It:

Showing 2 comments

  1. @proffsg at 4:47am 4th November 2010 Earlier, I made a post about the danger of the existence of a Firefox extension called Firesheep that allows a user to easily access your Facebook or Twitter account within an unsecured WiFi network. In other words, it can hack your Facebook, Twitter and other accounts surely. Source: http://www.bazics.net/2010/10/how-to-protect-your...
  2. Andrew at 12:37pm 27th October 2010 Hi Molly, great article. I agree with you about the VPNs. You could also read https://www.privateinternetaccess.com/pages/publi... which has a lot of information about the public wifi securities. I definitely suggest using a VPN NO matter what when using a public wifi network. Here are some: http://www.privateinternetaccess.com/ http://www.madvpn.com/
Close Suggestion Russia pursuing its first spammer criminal case?
View Article