A couple months ago, there was quite a big fuss about a new Firefox extension, called Firesheep, that allowed virtually anyone using the Firefox browser to steal valuable login information of people sharing an unencrypted wifi connection. In simpler terms, if you logged in to your Gmail, Facebook or Youtube account at a place like a coffee shop, another person connected to the same wifi could essentially access those same accounts for a brief amount of time.
While the ability to do this, called “packet sniffing”, has been around for quite some time, Firesheep made it incredibly simple. Seriously, 4 clicks and 2 minutes and you could be logging into Facebook as someone else. Fortunately, the plugin became so mainstream that people either started protecting their connections or companies, such as Gmail, started creating secure connections.
Fast forward two months. I’m sitting at my favorite coffee shop and look at the person’s computer next to me… What do I see? Roughly 20 people’s information from various social networks popping up on the screen. Damn. I guess the general population is still just as uninformed as two months ago.
Thankfully, there are a couple of quick and easy ways you can browse the web without near as much vulnerability. While none of these are a 100% surefire to keep your computer safe, they are definitely a great start.
This is a simple extension for the Firefox browser that forces a secure connection on a handful of sites, including Google, Facebook, Twitter and WordPress.com. It won’t make every site you visit secure, but it’s a great jumping off point nonetheless.
proXPN is an application that uses VPN encryption while transferring your data. This technology basically sends scrambled data to a reliable service, which then unscrambles the data before sending it to your intended recipient, e.g. Gmail, Facebook, etc. The only downside to using this type of service is that your connection is slowed down a bit since a the VPN service become a data middleman.
BlackSheep is another amazing add-on for the Firefox browser, and perhaps the best current (free) option. In short, BlackSheep detects when users are trying to steal information with Firesheep and then in turn provides Firesheep with bogus information, thus returning nothing but errors on the malicious user’s end.
* to learn more about packet sniffing and/or Firesheep, check out the Wikipedia article.