As I reported earlier a new Firefox plugin ‘Firesheep’ makes it very easy for anyone to hack into a users Facebook or Twitter account via unsecured Wifi networks.
Help is at hand though. Steve Manuel claims to have found a workaround to Firesheep. Firesheep relies on the fact that most social sites default to the HTTP protocol because it’s quicker.
The already existing Firefox extension Force-TLS attempts to circumvent this by forcing those sites to use the HTTPS protocol, therefore making user cookies invisible to Firesheep.
HTTPS encrypts user data, so if a script like Firesheep’s like tries to pull it, it can’t be read. Force-TLS forces a number of sites to make all of their requests over an SSL secured channel and while some sites, like Amazon, don’t currently have the secure option, the majors like Facebook, Twitter, Google, etc all allow a HTTPS connection.
Via Tech Crunch
Filed Under: Technology News