What is FireSheep and How to Protect Yourself?

I am going to be traveling a lot this month and probably end up using a lot of free WiFi access points. So, when I came across FireSheep I had to write about it.

FireSheep, in essence, is a Firefox extension that can sniff out your login information to many sites and let a stranger login as you and do stuff. Here is a little more background on how it works

When logging into a website you usually start by submitting your username and password. The server then checks to see if an account matching this information exists and if so, replies back to you with a “cookie” which is used by your browser for all subsequent requests.

It’s extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called “sidejacking”) is when an attacker gets a hold of a user’s cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.

This fact is widely known but hardly considered my so many people using free WiFi access points.

What is FireSheep?

To drive the point home, Eric Butler has created a Firefox extension – FireSheep, for everyone to see how serious this problem is.

This is a widely known problem that has been talked about to death, yet very popular websites continue to fail at protecting their users. The only effective fix for this problem is full end-to-end encryption, known on the web as HTTPS or SSL. Facebook is constantly rolling out new “privacy” features in an endless attempt to quell the screams of unhappy users, but what’s the point when someone can just take over an account entirely? Twitter forced all third party developers to use OAuth then immediately released (and promoted) a new version of their insecure website. When it comes to user privacy, SSL is the elephant in the room.

With this extension, you get a sidebar and when you start capturing it, you can see who else on the network is logging into sites like Facebook, Twitter, etc and you can start using their account! And it seems to work for pretty much any social networking site in existence!

image

As you can see, with such an easy tool out in the wild, you’d have to be insane to use a free WiFi access point to login to any site that doesn’t use end to end encryption.

How to Protect Yourself from FireSheep?

So, now that you know that someone else could login to your Facebook account on a public WiFi, how do you avoid that?

You could use two Firefox extensions – Force-TLS & HTTPS everywhere to protect yourself from FireSheep like tools. From TechCrunch

Firesheep banks on the fact that most social sites default to the HTTP protocol because it’s quicker. The already existing Firefox extension Force-TLS attempts to circumvent this by forcing those sites to use the HTTPS protocol, therefore making user cookies invisible to Firesheep.

Like the alternative option HTTPS Everywhere, the Force-TLS  Firefox extension allows your browser to change HTTP to HTTPS on sites that you indicate in the Firefox Add On “Preferences” menu, protecting your login information and ensuring a secure connection when you access social sites.

Again, this solution works only on Firefox browser. So, if you use another browser you need to be aware of the fact that your session and login details could be sniffed by someone using the same wifi network.

For eg. if you are on your smartphone surfing away, the login sessions could potentially be seen by someone else. This only applies if you use the public WiFi and won’t affect if you use the data network of your cellphone carrier.

You can also use Blacksheep to protect yourself from Fire sheep firefox add-on exploits.

Fire Sheep Download

Fire sheep firefox is an extension that you can download from Mozilla add-ons website. Fire sheep download is as easy as installing any Firefox add-on. Since someone asked me in the comments let me repeat it is not firesheep software or firesheep program. It is just a Firefox extension.

I will write another post on how to use Fire sheep extension soon.

{ image/news via Eric Butler }

Explore Tags: , , ,

7 Responses to “What is FireSheep and How to Protect Yourself?”

  1. Craig Galway September 3, 2011 at 6:01 am #

    This is terrific info, thanks!  For Google Chrome users there is Facebook Secure Connection.

Trackbacks/Pingbacks

  1. What is FireSheep and How to Protect Yourself? | Lansing Rocks - October 27, 2010

    [...] Read this article: What is FireSheep and How to Protect Yourself? [...]

  2. Panopticism with Firesheep | The New Prince - October 27, 2010

    [...] What is FireSheep and How to Protect Yourself? (shankrila.com) [...]

  3. BlackSheep Protects Against FireSheep | ShanKrila - November 9, 2010

    [...] wrote about a Firefox extension, FireSheep, that could let someone else on the same public WiFi connection as you could log into your social [...]

  4. Why You Should Turn On Facebook’s New Secure Connection | Privacy and the Internet - February 1, 2011

    [...] The best ways to protect from snooping tools like Firesheep is to ensure that you’re connecting over an https connection. Hypertext transfer protocol secure (HTTPS) is a combination of hypertext transfer protocol (HTTP) and cryptology protocol. That means that the information is encoded (encryption) when it is sent and must be decoded to be read (decryption). Only the sender and the receiver have the key to encode and decode the message. That is the reason that all online banking and most purchases are done over HTTPS. If these transactions are not secure, bank account and credit card information can be stolen and used by strangers. To learn more about Firesheep and how to protect yourself, click here. [...]

  5. Enable HTTPS And Keep Your Facebook Account Secure | ShanKrila - February 8, 2011

    [...] might have heard of techniques like FireSheep which lets others in the same network as you with access to your Facebook [...]

  6. How To Get Around To Those Blocked Websites | ShanKrila - June 13, 2011

    [...] username and password in clear text for someone else to see if they know what they are doing. (see What is Firesheep?) An SSL proxy will encrypt your traffic so no one else can snoop on your connection through the [...]

Leave a Reply