The next time you are surfing the open wi-fi at your local cafe, airport, workplace or even on your home network, spare a moment to consider how secure your web traffic is. With the release of a Firefox extension called
Firesheep, it has become much easier for average computer users to listen to the traffic of others on the same wi-fi network. This becomes a big problem if your web traffic isn’t encrypted.
If you sign into any website that isn’t using SSL (i.e. https:// address) and the wi-fi network you are on is not encrypted, anyone running Firesheep will be able to capture your cookie details and take control of your account on that site. Keep in mind that your browser may “remember” your credentials for a lot of your sites, however these credentials will still be vulnerable if the site isn’t accessed via
https://.
Here are a few tips to keep you safe:
- Whenever you join an open wi-fi network (i.e. one that doesn’t require a username and password), be very careful about what websites you visit.
- If you regularly use an open wi-fi network, try to organise access to a VPN (perhaps your work provides VPN access). If you sign into a VPN, this will encrypt your web traffic so you will be safe to sign in on any site you like.
- Since your email account is probably your “master key” to the security of nearly all your other sites, make sure your email provider allows access via https://. If they don’t, seriously consider switching to one that does.
No surprise that Gmail uses SSL security
You can read more at
Gizmodo or if you want more geeky detail, check out this
Coding Horror article.
Happy surfing… stay vigilant, but not paranoid!
Get More from the original blog... 
15th November 2010, 12:21 PM
Firesheep highlights vulnerability in open wi-fi networks 
Similar Threads 
Linear Mode
