Foil Firesheep and other Nuisances on Linux
Dec 03, 2010, 21:34
(Other stories by Joe 'Zonker' Brockmeier)
"You've probably heard a lot about Firesheep, the Firefox
extension that exposes user credentials and allows almost anyone to
take over an account on Facebook, Twitter, and many other sites
with a few clicks. But what do you do to defeat it? Read on, and
you'll be able to foil Firesheep in no time.
"A lot of Web sites use cookies to store authentication
information. You'll log in via an HTTPS connection, but then revert
to HTTP when you've authenticated. Then the cookie — with
your authentication information — is sent over plain HTTP.
This is no big deal when you're on your home network (assuming you
trust all the people in your home, of course, and you use WEP or
WPA for your Wi-Fi). But if you're in a coffee shop, at a
conference, or using some other public network then sending your
cookies over HTTP makes it easy for someone else to hijack your
session."