Protect Yourself From Firefox Firesheep Add-on
Tuesday 20th November 2018,


Ξ Leave a comment

Protect Yourself From Firefox Firesheep Add-on

posted by PC Systems and Security Liaison  
Filed under Featured, Malware & PC Security News, Online Safety Threat Alerts

Technology experts are suggesting that there are defensive measures to defend yourself against Firefox add-on’s hijacking of Facebook and Twitter sessions over Wi-Fi Internet connections.

Security experts today suggested ways users can protect themselves against Firesheep, the new Firefox browser add-on that lets amateurs hijack users’ access to Facebook, Twitter and other popular services.

Firesheep adds a sidebar to Mozilla’s Firefox browser that shows when anyone on an open network — such as a coffee shop’s Wi-Fi network — visits an insecure site.

Just a simple double-click gives an intruder quick access to logged-on browser sessions ranging from Twitter, Facebook and others.

Eric Butler a researcher released Firesheep last Sunday and since then the add-on has been downloaded more than 220,000 times.

Because of common curiosity there will be a lot of people just playing around with it to see if it works, but some scrupulous people could use it to spy or gain access to your personal information,

experts maintain that users aren’t totally defenseless against such intrusions.

One of  the ways you can protect yourselves against such rogue Firesheep users, experts claimed, is to avoid public Wi-Fi networks that do not offer  encryption and you are able to connect only using a password.

The experts claim that the vulnerability is not from that Wi-Fi technology but from the week security used on the Internet sites we are visiting. I think it is a combination of both.

Wi-Fi isn’t going away any time soon, so what’s a user to do?

The best defense is to use a VPN (virtual private network) session when connecting to public Wi-Fi networks at an airport or coffee shop if your device is capable, for example.

A lot of business workers use a VPN session to connect to their business network when at home or traveling, most normal users typically see the need to use a secure VPN connection to the Internet.

If you search around you will find a few services that offer VPN internet connections ranging from $5 to $10 bucks a month.

VPN sessions encrypt the traffic designated to travel between a computer, laptop or some smartphones at the airport gate, and the Internet in general, including the sites vulnerable to Firesheep hijacking. Using a VPN client on your device is just as good as encrypted Wi-Fi.

The downside to using any external providers secure internet session solution is how well the provider himself has implemented it. All you can do is hope they have done their due diligence to give you the most secure connection possible.

There are also a lot of free solutions that will force your browser to always require a secure connection when accessing any Internet resource. You will just have to research the vendor of y

our web browser. Some of those add-ons are Firefox HTTPS-Everywhere, produced by the Electronic Frontier Foundation (EFF), but it only works with a defined list of sites, including Twitter, Facebook, PayPal and Google’s search engine.

Another choice, Force-TLS, does the same thing as the EFF’s extension, but lets users specify what sites on which to enforce encryption.

Sadly, other browsers, like Microsoft’s Internet Explorer and Google’s Chrome, lack these add-ons, leaving their users in danger.

At most, any move the users make to close the vulnerability Firesheep exposes are just temporary. The Internet technology both software and hardware must do a better job of protecting users.

It is not just the normal users that are worried a lot of technology professionals have the same fear. I seldom visit social websites or enter personal information in public places, but you never know when that emergency may come up and you are moved out of your normal practices and become vulnerable.

comments powered by Disqus



Our Site is Safe Webutation
Translate »