Security experts suggest protective measures against Firefox add-on Firesheep
27 Oct 2010
Security experts today suggested new measures for users to protect themselves against Firesheep, the new Firefox browser add-on that allows amateurs to hijack users' access to Facebook, Twitter and other popular services via Wi-Fi.
With Firesheep, Mozilla's Firefox browser gets a sidebar that shows when anyone on an open network -- such as a coffee shop's Wi-Fi network visits an insecure site.
With a simple double-click hackers are able to instantly access logged-on sites ranging from Twitter and Facebook to bit.ly and Flickr.
The add-on has been downloaded nearly 220,000 times since researcher Eric Butler released Firesheep on Sunday.
One way users can protect themselves against rogue Firesheep users, according to experts, is to avoid public Wi-Fi networks that are not encrypted and are available only with a password.
However, according to Ian Gallagher, a senior security engineer that approach was like throwing the baby with the bathwater.
"While open Wi-Fi is the prime proving ground for Firesheep, it's not the problem," Gallagher said in a blog post on Tuesday. "This isn't a vulnerability in Wi-Fi, it's the lack of security from the sites you're using."
