{"id":1419,"date":"2010-10-27T08:29:37","date_gmt":"2010-10-27T18:29:37","guid":{"rendered":"http:\/\/www.mobileviews.com\/blog\/?p=1419"},"modified":"2010-11-26T11:32:55","modified_gmt":"2010-11-26T21:32:55","slug":"firesheep-wifi-insecurity-why-the-sky-isnt-falling","status":"publish","type":"post","link":"https:\/\/www.mobileviews.com\/blog\/2010\/10\/27\/firesheep-wifi-insecurity-why-the-sky-isnt-falling\/","title":{"rendered":"Firesheep WiFi Insecurity: Why the Sky Isn&#8217;t Falling"},"content":{"rendered":"<p>I noticed a discussion about Firesheep last night but didn\u00e2\u20ac\u2122t read the details until this morning before driving in to the office. If you read an item like this one, you might be under the impression that the sky is falling. It isn\u00e2\u20ac\u2122t. Phew, I know.<\/p>\n<p>How To: Avoid Getting Fleeced By Firesheep<br \/>\nhttp:\/\/thenextweb.com\/ca\/2010\/10\/27\/dont-get-the-wool-pulled-over-your-eyes-avoiding-a-firesheep-fleecing\/<\/p>\n<p>Firesheep is a  Firefox browser plugin that lets you hijack other people\u00e2\u20ac\u2122s accounts\/sessions on services like Twitter and Facebook. This is mostly a problem when on open WiFi networks. (no WPA\/WPA2 security). But, really, it can happen on any network where someone decides to run Firesheep and hijack sessions. So, what does it really do and what can be done about it? So, I turned to the writings of a security expert whose opinion I trust to get another perspective, Bruce Schneier.<\/p>\n<p>Firesheep<\/p>\n<blockquote class=\"wp-embedded-content\" data-secret=\"DDLhSd7uRd\"><p><a href=\"https:\/\/www.schneier.com\/blog\/archives\/2010\/10\/firesheep.html\">Firesheep<\/a><\/p><\/blockquote>\n<p><iframe loading=\"lazy\" class=\"wp-embedded-content\" sandbox=\"allow-scripts\" security=\"restricted\" style=\"position: absolute; visibility: hidden;\" title=\"&#8220;Firesheep&#8221; &#8212; Schneier on Security\" src=\"https:\/\/www.schneier.com\/blog\/archives\/2010\/10\/firesheep.html\/embed\/#?secret=lr1roNpAku#?secret=DDLhSd7uRd\" data-secret=\"DDLhSd7uRd\" width=\"500\" height=\"282\" frameborder=\"0\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<p>His advice is relatively simple: Protect yourself by forcing the authentication to happen over TLS. Or stop logging in to Facebook from public networks. Schneier points to a relatively simple fix for Firefox browser users described on TechCrunch.<\/p>\n<p>How To Protect Your Login Information From Firesheep<br \/>\nhttp:\/\/techcrunch.com\/2010\/10\/25\/firesheep\/<\/p>\n<p>A simple way that doesn\u00e2\u20ac\u2122t even require installing a plug-in is to manually type https:\/\/ (SSL) instead of http:\/\/ (no \u00e2\u20ac\u0153s\u00e2\u20ac\u009d) when accessing Twitter &#038; Facebook. I just tried it with both services and verified that they have it working with valid certificates.<\/p>\n<p>https:\/\/twitter.com<br \/>\nhttps:\/\/facebook.com<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I noticed a discussion about Firesheep last night but didn\u00e2\u20ac\u2122t read the details until this morning before driving in to the office. If you read an item like this one, you might be under the impression that the sky is falling. It isn\u00e2\u20ac\u2122t. Phew, I know. How To: Avoid Getting Fleeced By Firesheep http:\/\/thenextweb.com\/ca\/2010\/10\/27\/dont-get-the-wool-pulled-over-your-eyes-avoiding-a-firesheep-fleecing\/ Firesheep [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[4],"tags":[],"class_list":["post-1419","post","type-post","status-publish","format-standard","hentry","category-mobile-devices"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/ppKRG-mT","jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/posts\/1419","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/comments?post=1419"}],"version-history":[{"count":2,"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/posts\/1419\/revisions"}],"predecessor-version":[{"id":1422,"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/posts\/1419\/revisions\/1422"}],"wp:attachment":[{"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/media?parent=1419"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/categories?post=1419"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mobileviews.com\/blog\/wp-json\/wp\/v2\/tags?post=1419"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}