Linux Today: Linux News On Internet Time.

More on LinuxToday

Foil Firesheep and other Nuisances on Linux

Dec 03, 2010, 21:34 (0 Talkback[s])
(Other stories by Joe 'Zonker' Brockmeier)


Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers

"You've probably heard a lot about Firesheep, the Firefox extension that exposes user credentials and allows almost anyone to take over an account on Facebook, Twitter, and many other sites with a few clicks. But what do you do to defeat it? Read on, and you'll be able to foil Firesheep in no time.

"A lot of Web sites use cookies to store authentication information. You'll log in via an HTTPS connection, but then revert to HTTP when you've authenticated. Then the cookie — with your authentication information — is sent over plain HTTP. This is no big deal when you're on your home network (assuming you trust all the people in your home, of course, and you use WEP or WPA for your Wi-Fi). But if you're in a coffee shop, at a conference, or using some other public network then sending your cookies over HTTP makes it easy for someone else to hijack your session."

Complete Story

Related Stories: