11-28-2011 08:22 PM
I'm sure many of us find open "free" networks while traveling - in some airport lounges, in coffee shops, bookstores, etc.
When connectivity is available, it seems tempting to sign into Facebook, or Twitter to update status or see what is going on. But last year, I read a bit about firesheep and other similar applications that could be used to sniff data and allow another person to potentailly capture the login / passwords of those around them.
How prevalent is this danger and what actions can we take to protect ourselves other than just not using open networks?
Solved! Go to Solution.
11-28-2011 08:40 PM
If using an open wi-fi, before logging into any site, make sure the site is using SSL (look for the https:// in the address). Even better, assuming you're able, is to use a virtual private network (VPN) connection. Many of us have a VPN connection available through our jobs. For those that do, logging into the VPN and then browsing through there is your safest available bet on an otherwise open wi-fi connection.
11-28-2011 10:18 PM
This actually talks about how cookies can be captured OTA (Over the Air). The only true way is to use an https:// connection when going through any Social Networking site i.e: Facebook, Twitter, Google+, etc. etc. since data is streamed or transferred through a TLS/SSL (Transport Layer Security/Secure Socket Layer). Though this will not be enough I seek also a Public Connection with a higher level of Wi-Fi security or authentication using WPA2 with an AES encryption standard.
Also, we need to take note of that we also need to make sure that when on a Public Network that we disable any File and Printer Sharing and Network Discovery. In Windows 7, the Network Location Awareness (NLA) feature found in the Network and Sharing Center does this automatically on Public Networks if the settings were left on default.
In most browsers right now, there's an option to disallow websites to track your location. All the better will be to use InPrivate browsing when in IE, Incognito when in Google Chrome or Private Browsing in Firefox, these modes will not keep any session cookies without you worrying to delete them manually once you close the browser.