'

Saturday, December 25, 2010

Provocative Holiday Wisdom

There’s a New Internet Security Threat to Worry About



 If you use public wi-fi at your local coffee shop or library know this: There’s a new and very serious threat to your online security. A new program – that anyone can download – allows people to see any and everything that’s going on on your computer. Things like passwords, emails, everything. The program is called “firesheep,” and it was created by a software developer named David Butler, who posted it for free on his website. Butler says he didn’t create firesheep so bad guys could steal your password and hack your accounts – he created it to point out just how vulnerable we all are on when we use public internet services.

 Here’s the deal: big sites like Amazon and Facebook have a problem, and it’s one they all know about and haven’t bothered to fix. When you first log on to Facebook and enter your password, it’s encrypted. No one can see it. However, AFTER you log on, Facebook and your computer exchange a little piece of code, called a cookie, that allows them to recognize each other so you don’t have to keep logging on. That’s fine if you’re on a private network, but on public wi-fi it’s broadcast over the network for all to see. Firesheep grabs that piece of code and allows anyone with the program complete access to your computer. David Butler’s goal here was to force major companies to fix this issue. Only time will tell if his plan worked, but in the meantime here’s how to keep your information safe:

 Don’t do anything that requires a password when you’re on public Wi-Fi. If you have no choice, only enter financial information on sites that have full end-to-end encryption. You can tell you’re on a secure site if the address starts with HTTPS. It’s got to have that S on the end; otherwise your data is flapping in the wind.