Find out what I'm doing, Follow Me :)

Thursday, February 3, 2011

Protect Facebook, Twitter Accounts from Firesheep

Protect Facebook, Twitter Accounts from Firesheep

Use Firefox extensions and secured network instead of being ignorant

    Firesheep is a simple add-on for Firefox that can let anyone scan through open Wi-Fi network and steal account information of users. Account details of websites like Twitter, Facebook, Yelp, Hotmail and several others can easily procured using this add-on. To protect your account details from getting hijacked by anyone. Here are some pointers shared by Butler to protect users in the simplest possible ways:
    • HTTPS-Everywhere Extension: Created by Electronics Frontier Foundation, this add-on makes the Firefox browser use only HTTPS (Secured) connection for certain websites. Unfortunately, this works only with definite list of websites only.
    • Force-TLS: Yet another Firefox extension that will let users to specify and create own list of domain names for forcing HTTPS requests.
    • Virtual Private Network: Using Virtual Private Networks could be an ideal solution for corporate environment and hardly for a home based user.
    These aren't golden solution pointers that will serve the purpose of securing your account details being hijacked over open Wi-Fi. However, they do promise protection against snooping through Firesheep or similar tools. London based user named Kossi Yetongnon commented on this claiming that he was able to hijack Hotmail Session even through a a secured Wi-Fi network. As rightly pointed out, forcing HTTPS encryption won't solve the issue. It's the cookie that gets dumped on the user's computer which needs to be secured. Websites that require secured login should take a note of this and start working on appropriate solutions.

    No comments:

    Post a Comment