How To Protect Against Firesheep Attacks 208
Monday we mentioned Firesheep, a plug-in that trivializes ID spoofing on social networks. Since then various security researches have come out to suggest
How to Protect Yourself against Firesheep Attacks (submitted by
Batblue). Of course the advice is pretty obvious: Don't use free Wi-Fi, use SSL, or a VPN. It seems to me that the big sites should start by redirecting all non-SSL traffic to https automatically. If you want to be insecure, you'd have to explicitly state that you can't encrypt for some reason.
Let's just encrypt everything all the time (Score:1, Funny)
Did I mention I sell SSL certificates?
Defense is Easy (Score:5, Funny)
All you really need to do is stay out of the tall grass on Route 32. If you do have a firesheep attack, I recommend sending out a water type like wartortle.
Re:slashdot's method (Score:3, Funny)
My precious, precious karma. :)
Re:Defense is Easy (Score:3, Funny)
Blastoise, I choose you!
Blastoise uses "SSL Fountain"!
It's super effective!
Re:slashdot's method (Score:4, Funny)
I *did* make the same post!
Re:how about (Score:1, Funny)
simply not using social networks?
*gasp* HERETIC!!!
Re:slashdot's method (Score:3, Funny)
Re:slashdot's method (Score:3, Funny)
In all seriousness, people should not be using Facebook in a way that could cause any damage to them if their accounts are hijacked. Facebook is a toy, and treating it like anything other than a toy is asking for trouble.
Re:Defense is Easy (Score:5, Funny)
Come on, we're all adults here.
Meaning, you should have a Blastoise by now.