Engyo
Prince of Dorkness!
The Firesheep don't even look up | TechBlog | Chron.com - Houston Chronicle
October 29, 2010
The Firesheep don't even look up
I wrote Thursday about Firesheep, a new Firefox extension that makes it incredibly easy to get into someone else's browsing session on a public network.
What once took some obscure hacker tools and a modicum of skill can now be done with a couple of mouse clicks, and if you use public Wi-Fi hotspots, you should be very concerned.
If you have not read Thursday's post, go do so. For the click-challenged, here's the synopsis: Firesheep finds connections being made to popular websites through the standard, non-secure http protocol. It can "sidejack" that session, allowing you instantly to be browsing someone else's Facebook or Twitter account. If you're using the encrypted, secure https connection a site, you're safe. The problem is, too many sites don't offer https connections, or they aren't consistently available throughout the site, leaving users vulnerable.
Scary, right? There's one thing I've learned in the 25-plus years I've been writing about tech: Most people are careless about security. Despite countless warnings regarding safe computing practices, users continue to do the dumbest things. From using easy-to-guess passwords, to clicking on random links in e-mail, to clicking on popups touting unheard-of antimalware programs, too many folks get themselves into trouble that could have been easily avoided.
And Firesheep provides even more opportunities for the clueless to stumble.
-----------------------------------------------------------------------
The balance of the op-ed is VERY worth reading if you ever take your computer out in public.
October 29, 2010
The Firesheep don't even look up
I wrote Thursday about Firesheep, a new Firefox extension that makes it incredibly easy to get into someone else's browsing session on a public network.
What once took some obscure hacker tools and a modicum of skill can now be done with a couple of mouse clicks, and if you use public Wi-Fi hotspots, you should be very concerned.
If you have not read Thursday's post, go do so. For the click-challenged, here's the synopsis: Firesheep finds connections being made to popular websites through the standard, non-secure http protocol. It can "sidejack" that session, allowing you instantly to be browsing someone else's Facebook or Twitter account. If you're using the encrypted, secure https connection a site, you're safe. The problem is, too many sites don't offer https connections, or they aren't consistently available throughout the site, leaving users vulnerable.
Scary, right? There's one thing I've learned in the 25-plus years I've been writing about tech: Most people are careless about security. Despite countless warnings regarding safe computing practices, users continue to do the dumbest things. From using easy-to-guess passwords, to clicking on random links in e-mail, to clicking on popups touting unheard-of antimalware programs, too many folks get themselves into trouble that could have been easily avoided.
And Firesheep provides even more opportunities for the clueless to stumble.
-----------------------------------------------------------------------
The balance of the op-ed is VERY worth reading if you ever take your computer out in public.
Last edited: