Everyone these days uses their WiFi connections to access all of their online connections anywhere and everywhere. Whether it is through your iPod, Smartphone, or laptop computer, you can find WiFi hotspots to access your information almost anywhere. Warning, you need to know that there is a new threat to your online privacy through WiFi connections. Last month a researcher at Firefox developed a new tool to hijack WiFi cookies to access unsecured email, Facebook, and Twitter accounts. This new tool for sidejacking, or hijacking someone else’s HTML browsing session cookies is called ‘Firesheep’. It’s easy to download and with a click or tap, anyone can see your accounts and information attached while you’re out at the local coffee shop browsing while waiting for your order. Firesheep is free and currently available now for Mac OS X and Windows; it will later run on Linux as well.

For most savvy WiFi users, sidejacking is nothing new. Three years ago ‘Hamster’ became available which basically allowed for the same threat, but was far more difficult to use. That is until Eric Butler, a Seattle-based Web application software developer and researcher, stepped it up with Firesheep. It takes advantage of websites that don’t use SSL encrypted logins, so when a user visits Facebook, Twitter, Hotmail, or YahooMail, their cookies can be automatically lifted and used by an attacker on the WiFi network to take over his or her account. Did you know that most websites aren’t SSL encrypted today, leaving users open to having their sessions sniffed and hijacked when they log onto sites such as Facebook from the WiFi at your favorite coffee shop. Firesheep basically makes this type of attack easy enough for any nontechnical person to do. The tool pops up a window, the attacker clicks the “Start Capturing” button, and it finds and displays user accounts currently on insecure websites via the WiFi network. Once they find a user account that interests them, that user’s name and photo will be displayed. If the attacker double-clicks on users’ info, the attacker is instantly logged in as them. Then away your privacy goes. The underlying problem is that most websites are not SSL-secured. Twitter’s SSL site is an option but not the default version. Aside from using a VPN connection or a proxy (neither of which would be practical for many consumers) you can download another Firefox add-on called ‘Force TLS’ which automatically directs you to the SSL version of a site, if one exists.

Butler insists that he developed this new tool to bring attention to everyone of their insecurity while on WiFi. He believes that all websites have the responsibility to protect their customers. “They’ve been ignoring this responsibility for too long, and it’s time for everyone to demand a more secure Web”, Butler says. He hopes Firesheep will force all websites to go SSL. Presently, Facebook has been testing a technology that will close this loophole; they hope to provide it within the next few months. However Facebook states, “As always, we advise people to use caution when sending or receiving information over unsecured Wi-Fi networks”, basically putting the responsibility on us, the users. Other websites such as Google have already dealt with this insidious problem. Firesheep won’t work on Gmail accounts, because Google decided to make “https” the default setting for emailers earlier this year. Thank you Google.

What you should do.

There are many apps which are available to download directly to your iPod, smartphone or laptop directly from their respective app stores. They are reasonably priced, considering the value your personal identity and privacy are worth.

Also, there are many downloadable programs from the internet itself to protect your wifi connections. Here are some suggestions:

WiFi Guardian 1.6.1
Surf securely through WiFi Hotspots or regular connections and protect your privacy by encrypting your Internet traffic. Your personal information, bank accounts, credit card numbers, passwords are now protected. WiFi Guardian will also change your IP address and will conceal your web activities. Even your Internet. Free download of WiFi Guardian 1.6.1, size 1.98 Mb.

myWIFIzone
myWIFIzone blocks freeloaders from using your WIFI network to access the internet. It features real-time intruder alerts and logging and is compatible with WEP/WPA security tools. It can be upgraded to support WIFI hotspot services (Q1/2006). It’s a Freeware download of myWIFIzone, WIFI Internet Access Blocker 3, size 349.18 Kb.

Advanced WiFi-Manager
This is a developer tool that allows you to manage wireless networks and settings in Windows 2000, 2003, XP and Vista using one set of API functions. Also, Advanced WiFi-Manager provides a COM interface for all API functions so you can simply control WiFi settings from VB or such. Free download of Advanced WiFi -Manager 3.2, size 1.89 Mb.

Be pro-active; always protect yourselves and your family while online. You have an anti-virus program for your home computers, now get an encryption program for your WiFi connections.

Author Bio: Visit http://www.tomharriscellular.ca for cellular phones, digital tv and high speed internet.

Category: Computers and Technology
Keywords: smartphones,iphone,blackberry,mobile internet plans,cellular phones