Think twice when using public or unsecured Wi-Fi

Public Wi-Fi has always been an insecure environment, but it’s gotten much worse lately. Not too long ago, there was a Firefox add-on released called Firesheep. It works by capturing or “sniffing” packets on the network you’re connected to. It will look for any connections to the sites it recognizes. If a user logs in to one of those sites, it will capture the cookie that the site sends to the user’s computer after their login has been authenticated. Note that once the user has been authenticated, many of these sites will no longer use an HTTPS connection, and will use the cookie that was sent after logging in to allow that specific user to access to other parts of the site. Once Firesheep has that cookie, an icon will show up in the add-on’s window indicating what site and user it has hijacked. All the attacker needs to do after that is double click on the icon that appeared and he will then be logged in as you on the corresponding site.

The creator said its purpose is to make sites like Flickr, Twitter, Facebook, and Google aware of their security flaws so they will fix them. The best thing sites like these can do to mitigate Firesheep is utilize SSL (HTTPS) everywhere, not just when you login. It is uncertain whether these companies are going to implement that or not. One of the worst things about this add-on is that it makes session hijacking or “hacking” easy enough for anyone to do. Before Firesheep, the same kind of session hijacking attacks were possible and were frequently exploited, but it required a good amount of knowledge and an understanding of networking, sessions, and various protocols.

There are workarounds currently out there. There’s a Firefox add-on called HTTPS Everywhere and another called Force-TLS that will help, but I would personally recommend to not use any social networking, banking, or other sensitive websites over public hotspots. If you really know what you’re doing, one of the better alternatives is to set up a proxy server and set your laptop to use that proxy server for internet access via an SSH tunnel.

1 reply
  1. Johann says:

    What an excellent write-up! No idea how you managed to write this’d take me days. Well worth it though, I’d suspect. Have you considered selling advertising space on your website?

Comments are closed.