In Blog

If you are a wireless user (use your notebook or newer web-enabled phones at coffee shops, airports or Internet Cafes), be very careful about the connection type you get to the provider. Unencrypted connections are BAD. Use only an encrypted service (where you have to put in a pass-phrase or key code to get your wireless to connect(usually indicated by an icon of a lock on the wireless access point).

There is a new add-on for FireFox users called FireSheep that once installed allows the user to monitor other computers using that access point for unsecured connections. It knows how to take over sessions to those users Facebook, Twitter and other popular services. The person being attacked doesn’t have to be using FireFox, they can be using any browser. This is an application that allows someone running FireFox to do this.

Another solution, if you have to use an open wireless connection, though more labor intensive, is to make sure the web sites you connect to are encrypted (using https, in the address bar). There are some FireFox add-ons that can help you with this:

https://www.eff.org/https-everywhere
https://addons.mozilla.org/en-US/firefox/

The first one, provided by the Electronic Frontier Foundation (EFF), only works with a defined list of sites, including Twitter, Facebook, PayPal and Google ‘s search engine. The second, Force-TLS , serves the
same purpose as the EFF’s extension, but lets users specify which sites on which to enforce encryption.

The last method is to use a VPN to a secured server. This method is probably the best and simplest solution and requires that you just start the program before you start browsing. It provides a secure connection while you are traveling, by connecting you directly to a secure server and then relaying your connection out to the Internet. Currently we do not have that ability, but if enough people have an interest in setting one up, I will look into it.

Be careful out there.

Recommended Posts