A Wolf in Sheep’s Clothing
Why Firesheep Should Cause You to Examine Your Internet Habits
I don’t typically like to write about tech-related issues but, after having the same disturbing chat with a few different clients and friends over the past few weeks, I figured this topic might be of interest to some people — at least to those of you who are interested in protecting your private information online from those interested in stealing it.
Today, just about everyone uses WiFi in their daily lives. Public WiFi “hot spots” can now be found with relative ease in coffee shops, restaurants and just about any other place where people congregate. WiFi access has even become commonplace in our homes. However, this easy access to the web has caused us to drop our collective guard when it comes to our security. The convenience of readily accessible, instant Internet has overshadowed the manner in which we receive and send information over this channel.
Do you have WiFi in your home? Is it password-protected or open? It shocks me to hear how many people provide open WiFi access from their homes, either because they simply didn’t know how to lock it down or because they find logging in too much of a bother. But failing to do so opens up a world of liability to the unsuspecting owners. What if someone nearby used your network to illegally download music, movies or software? Or worse, what if your home network was used to share or download child pornography? It happens. CNET recently reported that 32% of people polled admitted to trying to hop onto a neighbor’s unsecured WiFi.
Enter Firesheep.
Firesheep is a free extension that was created for the Mozilla Firefox web browser. It engages in a practice called “session hijacking,” where the application monitors traffic between an open WiFi router and individual users connected to the network. What does that mean? Specifically, it means that if you’re at a coffee shop and log into your favorite web haunt (Facebook, Twitter, Amazon, WordPress, Google, etc.), your information is captured and displayed to anyone running Firesheep, in a sidebar within the browser (see below).

Once a user’s data has loaded into the sidebar, all a would-be attacker must do is double-click the name and they can instantly log into that account. Mind you, the user’s actual password isn’t displayed, but it’s not needed. Once in, an attacker has full access to the account. They can now post messages, read personal information or change the user’s password. It’s easy to see how someone with bad intentions can cause a lot of damage in a short amount of time.
So what can you do to protect yourself?
As the saying goes, knowledge is power. Simply being aware of what you are doing on your computer and where you are doing it is a major first step. The vulnerabilities that are exploited by Firesheep have less to do with WiFi than with the lack of security on the websites you are accessing.
Facebook, for example, is constantly rolling out patches and updates to its code in an attempt to provide a safe and secure environment for its users. Shortly after Firesheep’s release, people began to spread the word about how to safeguard against it on Facebook:
Go to Account » Account Settings » Account Security

If you want to get further down into the weeds, Firefox offers a few extensions that help to create a more secure browsing environment for you. Force-TLS and HTTPS-Everywhere attempt to box out Firesheep by forcing all web traffic to use the HTTPS protocol, which makes user cookies invisible to “sniffer” apps. Google Chrome has a similar extension called Force SSL. If you’re using Internet Explorer, you’re out of luck (and should really feel a little ashamed of yourself anyway…).
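As an added illustration (not part of the original article), the Python sketch below audits constructed HTTP response headers for the weakness Firesheep relies on: login cookies that can travel over unencrypted HTTP. The hostnames, cookie values and the `audit_response` helper are assumptions invented for this example; `Strict-Transport-Security` (HSTS) is the standard header a site sends to tell browsers to always use HTTPS.

```python
from http.cookies import SimpleCookie

# Constructed sample responses for illustration (not captured from real sites).
SAMPLE_RESPONSES = [
    ("http://social.example/login",
     [("Set-Cookie", "session=abc123; Path=/; HttpOnly")]),
    ("https://shop.example/login",
     [("Set-Cookie", "sid=def456; Path=/; HttpOnly")]),
    ("https://forum.example/login",
     [("Set-Cookie", "sid=jkl012; Path=/"),
      ("Strict-Transport-Security", "max-age=31536000")]),
    ("https://mail.example/login",
     [("Set-Cookie", "sid=ghi789; Path=/; Secure; HttpOnly"),
      ("Strict-Transport-Security", "max-age=31536000")]),
]

EXPOSED = "exposed: set over plain HTTP, readable by anyone on the open network"
DOWNGRADE = "at risk: no Secure flag, sent in clear on any http:// request"
HSTS_ONLY = "weak: no Secure flag, protected only once the browser has seen HSTS"

def audit_response(url, headers):
    """Return [(cookie_name, verdict)] for cookies a sniffer could observe."""
    over_tls = url.lower().startswith("https://")
    hsts = any(k.lower() == "strict-transport-security" for k, _ in headers)
    findings = []
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        jar = SimpleCookie()
        jar.load(value)  # parses name, value and attributes such as Secure
        for name, morsel in jar.items():
            if not over_tls:
                findings.append((name, EXPOSED))
            elif not morsel["secure"]:
                findings.append((name, HSTS_ONLY if hsts else DOWNGRADE))
    return findings

def audit_all(responses):
    """Map each URL to its findings; an empty list means no exposed cookies."""
    return {url: audit_response(url, headers) for url, headers in responses}

if __name__ == "__main__":
    for url, findings in audit_all(SAMPLE_RESPONSES).items():
        print(url, findings or "ok")
```

Only the last sample, which combines HTTPS, the `Secure` cookie attribute and HSTS, comes back with no findings.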
There’s also a nifty little Firefox extension called BlackSheep that alerts you if any user on the network is running Firesheep. Yes, I’ve used it. Yes, it did detect Firesheep in use on the network. Yes, it did creep me out. And it should scare you as well.
Firesheep is only the first of what will likely be many apps in this genre. It’s simply the world we live in. My hope is that their presence will cause developers to utilize greater scrutiny in how they create and secure their products, while also reminding end-users to be diligent while surfing the Internet and refrain from blindly trusting others for their online well-being.
Sean Doughtie is president and CEO of Taproot Creative.

Good article. Most regular users don’t really understand about Internet Security, so this helps to make people aware of what is going on.
I would like to point out, though, the recent discovery of a new malware/virus that is actually able to hijack an SSL (https) session. This bug basically will see the SSL connection, and when the browser is closed or the SSL session disconnected by logging out, it actually maintains the connection and the malware/virus is able to do what it needs to do while you are unaware that the session did not close.
That is why it is important that users have up-to-date antivirus and antimalware software. And… if you get a virus, even though your antivirus product caught it, best practice dictates that the computer should be reformatted (though some people don’t think it is necessary).