Skip to main content

How to prevent Firesheep hacks, attacks and hijacking

FiresheepAirports, coffee shops, and campuses everywhere became a little more dangerous this week when Wi-Fi hotspots were inundated with curious “hackers” who downloaded the Firesheep plug-in to take a peek at their neighbors Internet habits.

The downloadable Firefox extension created by Seattle Web developer Eric Butler and released to the public this week has been a hit with novice hackers everywhere. While Firesheep does allow users to hijack someone else’s Internet session, it doesn’t give them access to passwords or other account information that a person isn’t viewing.

Recommended Videos

But just as swiftly as the annoyingly easy-to-use extension was unleashed on Wi-Fi connections everywhere, a couple of quick fixes have been introduced. Here is how you can avoid inadvertently exposing your private information through Firesheep.

Use a VPN

Besides the very obvious resource of avoiding public Wi-Fi networks altogether, one option is to use a virtual private network (VPN) when connecting. A VPN will act like a guard when using Wi-Fi and encrypts all of your information circulating between you and the Web. It isn’t free, however, and runs around $5 to $10 a month. There are varying opinions on how much using a VPN protects users.

Download a Firefox plug-in

If that’s not enough security or if you aren’t concerned enough to pay a subscription rate, Firefox itself wants to offer a solution to its own problem. The browser offers two different, free plug-ins that encrypt your information when visit specific sites. HTTPS-Everywhere and Force-TLS prevent snooping on particularly personal sites, like Facebook, Twitter, and PayPal.

Force-TLS lets you design the list of sites you’d like protected and HTTPS-Everywhere comes with its own. If you use a different browser, however, you’re out of luck: These are available only through Firefox, but if you care about a private net session it’s worth it to use Firefox momentarily.

Beware the evolving ‘sheep

These tools will keep Firesheep users out of your computer, but it doesn’t fix the real problem: that these sites full of very personal information aren’t encrypting all of that. Butler insists that he waits for the day that Firesheep will be unusable, saying on his blog “Going forward the metric of Firesheep’s success will quickly change from amount of attention it gains, to the number of sites that adopt proper security. True success will be when Firesheep no longer works at all.”  He also warns, or really, promotes, that more versions of Firesheep are in development. But if his experiment results in making the Web a safer place, maybe the hoards of Wi-Fi users currently paranoid about the Internet activity will thank him.

Molly McHugh
Former Digital Trends Contributor
Before coming to Digital Trends, Molly worked as a freelance writer, occasional photographer, and general technical lackey…
Google is testing a feature that will let AI hide away internet pop-ups
Google Chrome browser running on Android Automotive in a car.

Google is testing a new feature in Chrome Canary, the experimental version of the Chrome browser. As reported by TechRadar, the "PermissionsAI" feature is designed to deal with pop-ups from websites asking you to share your location or consent to notifications.

According to Chromium, the tool will use Google's "Permission Predictions Service" and Gemini Nano v2 to analyze users' previous responses to pop-ups and guess how they will respond to new ones. If you're likely to decline, the feature will block the annoying pop-up that appears in the middle of your screen and instead hide it away in a corner in case you need it later.

Read more
AMD’s Ryzen Z2 Go disappoints in early benchmark
The Lenovo Legion Go S sitting on a window.

A recent YouTube video has showcased the gaming capabilities of AMD's upcoming Ryzen Z2 Go chipset, designed for budget gaming handhelds. As part of the new Ryzen Z2 lineup, the Z2 Go’s capabilities were tested on a Lenovo Legion Go S and compared to last year’s Z1 Extreme powering the Asus ROG Ally X.

According to gaming performance data shared by FPS VN, the Z2 Go shows some limitations compared to the Z1 Extreme. In Black Myth: Wukong, it achieved 36 fps versus 40 fps at 15W, 30 fps versus 32 fps at 20W, and 60 fps versus 64 fps at 30W. In Cyberpunk 2077, the Z2 Go delivered 50 fps compared to 54 fps at 15W, 45 fps versus 47 fps at 20W, and 61 fps compared to 66 fps at 30W. Similarly, in Ghost of Tsushima, the Z2 Go hits 62 fps versus 66 fps at 15W, 48 fps versus 52 fps at 20W, and 62 fps versus 66 fps at 30W. Although the performance gap is minor, it remains consistent at around 7–10% across all tested games.

Read more
When you sign up for two years of Surfshark you’ll get 10GB of roaming data for free!
Surfshark displayed on multiple devices including a smartphone, tablet, and laptop screen.

Investing in a VPN for your Wi-Fi network is one of the best ways to mask your IP address from those looking to gain control of your personal data, device logins, and other sensitive info. Fortunately, there’s a new VPN-masking service born every day, but not all of these services offer are worth your hard-earned cash. Instead, you should focus on vetted and reliable platforms like Surfshark.

As luck would have it, Surfshark is even offering a promo for new customers: For a limited time, when you sign up for two years of Surfshark One or Surfshark One+, you’ll get 10GB of Saily eSIM roaming data for free. We tested Surfshark not long ago, and reviewer Alan Truly said: “Surfshark is a fast streaming VPN that let me connect an unlimited number of devices, making it a great choice to protect privacy and unblock worldwide streaming for the whole family.” We've also reviewed Surfshark's anti-virus protection suite.

Read more