In recent days, a new tool called Firesheep has become available that can “sniff out” the login information that’s being sent over wireless networks. Such tools have always been available, but this one makes it easy for anyone to collect other people’s private data.
I’m sure that you, as a web professional, know that it’s important to use a VPN or to encrypt your connection by using https:// whenever you can. But this might be a good time to remind colleagues and friends. And there are several ways of forcing secure connections.
With Firefox, you can use:
- HTTPS-Anywhere, an add-on that comes pre-configured with rules for over two dozen popular sites, including Facebook and Twitter. You can add your own rules, but you’ll need to edit an XML file.
- Force-TLS, an add-on that has a much simpler way of adding sites to connect with securely, but it doesn’t come with any pre-configured sites.
As far as I can tell, these two add-ons coexist gracefully, so you may want to have your less web-savvy colleagues install both. That way, HTTPS-Anywhere can take care of the popular sites, and others can be added to Force-TLS (using Tools-> ForceTLS Configuration).
For mobile devices, you’ll want to use a VPN. There are a number of VPN apps available for iOS and Android.
How do you keep your web browsing secure?
Related content from GigaOM Pro (sub. req.):