1 Comment

Summary:

In recent days, a new tool called Firesheep has become available to “sniff out” login information that’s being sent over wireless networks. Such tools have always been available, but this one makes it easy for anyone to collect other people’s private data.

HTTPS-Anywhere

In recent days, a new tool called Firesheep has become available that can “sniff out” the login information that’s being sent over wireless networks. Such tools have always been available, but this one makes it easy for anyone to collect other people’s private data.

I’m sure that you, as a web professional, know that it’s important to use a VPN or to encrypt your connection by using https:// whenever you can. But this might be a good time to remind colleagues and friends. And there are several ways of forcing secure connections.

With Firefox, you can use:

  • HTTPS-Anywhere, an add-on that comes pre-configured with rules for over two dozen popular sites, including Facebook and Twitter. You can add your own rules, but you’ll need to edit an XML file.
  • Force-TLS, an add-on that has a much simpler way of adding sites to connect with securely, but it doesn’t come with any pre-configured sites.

As far as I can tell, these two add-ons coexist gracefully, so you may want to have your less web-savvy colleagues install both. That way, HTTPS-Anywhere can take care of the popular sites, and others can be added to Force-TLS (using Tools-> ForceTLS Configuration).

With Chrome, you can use the KB SSL Enforcer or Force-SSL add-ons. There doesn’t seem to be an equivalent add-on for Safari yet.

For mobile devices, you’ll want to use a VPN. There are a number of VPN apps available for iOS and Android.

How do you keep your web browsing secure?

Related content from GigaOM Pro (sub. req.):

  1. Fortunately, these types of tools exist for more sensitive networks, although, with so much information now on the web for delivery, whose personal network isn’t sensitive? Thanks for sharing these options, Charles. The information is certainly appreciated.

    Share

Comments have been disabled for this post