What is Firesheep?
Firesheep hacks into your online accounts by viewing your computer's networking session identification and authentication codes, or cookies.
This information becomes vulnerable when it is not encrypted. 3
When a connection is not secure your URL looks like this: http:// To make your connection more secure add an s to the http:// in your url. It should look like this: https://
According to one source, "Firesheep specifically targets 26 highly-trafficked sites, including Amazon, Foursquare, Google, Facebook, Twitter, Windows Live, the New York Times, Wordpress, and Yahoo, and can be customized to go after other sites per the hijacker’s preferences." 4
Concerns for Parents
- This extension allows users to hijack other people's online accounts if they are using unsecure websites on public wifi.
- Some sites do not have secure connection options; major sites, like Facebook, Twitter, and Amazon, usually do.9
How Can I Keep My Computer safe?
- Check your URL before you log in to one of your online accounts while using a public wireless network. To protect your information simply add a s to http:// so that it becomes https:// You might want to bookmark your sites with this url to protect yourself in the future. 10
- Before you log on to a public network make sure you are logged out of your online accounts. Once you are logged into the network make sure you sign into your accounts with a secure connection.11
- There is a FireFox plug-in called HTTPS-Everywhere that automatically changes your URL http:// to https// .12 13
- There is a FireFox plug-in called Force-TLS that allows users to enforce HTTPS for a specific list of domain names
- There is a FireFox add-on called BlackSheep that will alert you when someone on the network is using Firesheep 14
Where Can I Learn More?
Read this wiki article on Tls.