Perils of Wireless Networks

Like many of you I often take my laptop with me to my neighborhood cafe. And sometimes I go online. I'm going to go about it a little differently  now that I've read about Firesheep, a Firefox extension that can detect unencrypted cookies from websites like Facebook and Twitter as they're transmitted over wireless networks. A sidebar shows the identities of other network users discovered by using the information encoded in the cookies. By double-clicking on one of the names, the person operating Firesheep can access whatever website that user is on at the moment.

Firesheep has been successfully used to capture cookies from Amazon.com, CNET, Dropbox, Evernote, Hacker, tumblr, Yahoo and Yelp, to name a few.  Seattle programmer Eric Butler created Firesheep to demonstrate the vulnerability of unsecured wireless networks.

The most effective way to protect yourself when on a public wireless network is to use the HTTPS protocol, which encrypts passwords usernames--any information that goes back and forth between your computer and any website. Unfortunately many sites default to the unsecured HTTP protocol because it's quicker. (A little background: HTTP stands for HyperText Transfer Protocol. It's a set of networking rules and the foundation of sending data on the World Wide Web.  HTTPS stands for HyperText Transfer Protocol Secure, which combines HTTP with an encryption algorithm called Transport Layer Security. ) But over at TechCrunch, Alexia Tsotsis tells you about extensions you can download to your browser(s) to force them to use HTTPS—provided you are accessing a website that supports it. Please be aware that these extension only work with the Firefox browser (in any case, friends don't let friends use Internet Explorer). Here are some additional tips for Mac users.

Add new comment