Let me say straight out that the Firesheep app is not all bad. The good thing is it shows you how open your user session is to common services such as Facebook and Twitter. The other thing is, it’s making us all stop and think about securing our online information, again.
Couple of things about Firesheep. You must be using an Open WiFi internet connection. If the connection is encrypted and requires a password or access key, Firesheep collects your session information. If you are using wifi at home, with security encryption, this add-on does not affect you. Also, if you access the internet by tethering your laptop to your mobile, or via MiFi device, again, Firesheep will not affect you.
I also like that Firesheep is going to push the online services like Facebook and Twitter to offer an encrypted service experience that is easier to use and more simple for the everyday punter. The people who I have spoken to about Firesheep are concerned, but also have asked why it is not the job of the online service to fix. I agree with them.
Full secure session options for major websites are also back in discussion. If nothing else, Firesheep shows how easy it is to intercept your information, and how with a SSL option on a website, that information is kept secure.
If you are going to use open wifi networks, and personally, I am going to continue to do so, here is some ways to secure yourself.
1) Use a virtual private network. This might be a little on the extreme side if all you want to do is look at Facebook on your PC while you are travelling. Also, using a VPN can cost about $7 a month, such as Trustconnect. However if you use a lot of open wifi, and many different websites and services, not a bad thing to consider.
2) A much simpler solution is to use an app to force an SSL session. Https everywhere for Firefox and ForceTLS, also for Forefox, will do this. It’s simple to do and free. Force TLS allows you to also decide what sites you want to use SSL for, giving you a little more control.
Either way Firesheep is out there and you need to be aware of the risks so you can take some actions to ensure you are keeping your private information safe.