Add Comment

Firesheep Steals Site Login Info: How to Protect Against Firesheep


Eric Butler has developed a Firefox browser extension called Firesheep, which, in certain circumstances, lets its users steal other people’s log-in information for various sites and social networks.

Butler intentionally publicized Firesheep, reports U.K.’s Telegraph, to draw attention to the lax security standards of many prominent websites.  These sites, such as Facebook and Twitter, do not encrypt all their users’ log-in information, so that on an insecure wifi network this information can be accessed by others.  Firesheep makes this easier to do than it already is.

The real point of Firesheep, then, is both to up these sites’ security measures and to encourage you to protect against this kind of information theft.


advertisement

TechCrunch.com suggests using a Firefox plug-in such as Force-TLS, which ensures that all data entered through these sites gets encrypted.

You can download this plug-in here.

Once installed, open the “Tools” tab in Firefox and click on “ForceTLS Configuration.”  Go to “Preferences,” and add the domains for the websites you log into (like facebook.com).  Restart Firefox and you are good to go.

For screenshots of this process and further explanation, head over to this TechCrunch article.

Leave a Comment

Please use the comment box below for general comments, but if you feel we have made a mistake, typo, or egregious error, let us know about it. Click here to "call us out." We're happy to listen to your concerns.