Fight Firesheep With HTTPS Everywhere

Firesheep has been in the news for a while now, where it has the ability to let individuals with limited skills hijack information from your sessions in an open WiFi connection. If you have not heard of this, you need to find out about it as it is serious scare where people add this to their Firefox add ons. Some tools have been created to help combat this problem, such as Blacksheep, which alert you to the fact that you are exposed on a public network and someone is running Firesheep trying to get your information. Open public networks are a problem that is not going to go away and even a closed public network with keys required to get in could still have someone running Firesheep.

One of the problems with solutions at the moment, they are either browser based or OS based and that creates a problem with trying to get protection. Most are add ons for Firefox. One solution to this has been to make a VPN connection to another computer and then browse the Web in that connection. For most, that is not a viable solution. We are now hearing of the HTTPS Everywhere solution which appears to hold promise to further protect computers browsing via a public WiFi connection.

HTTPS Everywhere provides additional security on some sites where you have to log on. The issues have been with sites such as Facebook and Twitter, where you log on via HTTP, which is not secure at all and information is sent in clear text for someone to see and possibly use, such as the user name and password. With HTTPS, your logon information, and everything you do in that mode is far more secure. What HTTPS Everywhere does is change from the default HTTP setting as seen in the URL, to the HTTPS settings on those sites which have that available.

This add on is doing what these sites should have been doing already which is when you have to log on, it should be in HTTPS mode and not open. Many of these sites should be making changes so that things are far more secure though there are many sites who do not go to the effort as they are less popular, but open none the less. Security is something to be concerned about before you have a problem. Once you have been hijacked, you learn the hard way as to the impact.

This is still based on a browser, so it is limited to Firefox right now. A better solution would be to have this add on be available to the top 5 browsers so as to provide the best coverage to all. If some of the reported problems continue, this could be a commercially viable solution to help protect computers.

Leave a Reply

Your email address will not be published. Required fields are marked *