- Image via Wikipedia
As I am sure most everybody that reads sites such as Global Geek News and listens to podcasts like the Global Geek News Podcast, Firesheep is a Firefox extension that can be used to hijack peoples accounts on sites like Facebook and Twitter when browsing on an open wifi hotspot. It is trivial for anybody to use and if this is used on you, somebody could do a lot of damage by impersonating you. Unfortunately, it is really the sites like Facebook and Twitter that have to implement HTTPS across their site for everybody to be protected and they are planning on doing that, but for now, you have to take security into your own hands and the best way to do that is with a Firefox extension called HTTPS Everywhere. This extension was created through a joint effort by the EFF (Electronic Frontier Foundation) and the Tor project. This extension makes sure that your cookies won’t be sent in the clear for people to grab and pretend to be you as they can with the Firesheep extension. If you use the internet at open wifi hotspots, it is very important to install this extension if you don’t want people hijacking your accounts. HTTPS Everywhere works for services like Facebook, Twitter, Dropbox, bit.ly, the New York Times, PayPal, Wikipedia and many others. If you want to know all the details of how Firesheep works to understand how important it is to use HTTPS Everywhere or something like it, I highly recommend checking out Security Now episode 272.
Leave a Reply