Skip to main content

How to prevent Firesheep hacks, attacks and hijacking

FiresheepAirports, coffee shops, and campuses everywhere became a little more dangerous this week when Wi-Fi hotspots were inundated with curious “hackers” who downloaded the Firesheep plug-in to take a peek at their neighbors Internet habits.

The downloadable Firefox extension created by Seattle Web developer Eric Butler and released to the public this week has been a hit with novice hackers everywhere. While Firesheep does allow users to hijack someone else’s Internet session, it doesn’t give them access to passwords or other account information that a person isn’t viewing.

Recommended Videos

But just as swiftly as the annoyingly easy-to-use extension was unleashed on Wi-Fi connections everywhere, a couple of quick fixes have been introduced. Here is how you can avoid inadvertently exposing your private information through Firesheep.

Use a VPN

Besides the very obvious resource of avoiding public Wi-Fi networks altogether, one option is to use a virtual private network (VPN) when connecting. A VPN will act like a guard when using Wi-Fi and encrypts all of your information circulating between you and the Web. It isn’t free, however, and runs around $5 to $10 a month. There are varying opinions on how much using a VPN protects users.

Download a Firefox plug-in

If that’s not enough security or if you aren’t concerned enough to pay a subscription rate, Firefox itself wants to offer a solution to its own problem. The browser offers two different, free plug-ins that encrypt your information when visit specific sites. HTTPS-Everywhere and Force-TLS prevent snooping on particularly personal sites, like Facebook, Twitter, and PayPal.

Force-TLS lets you design the list of sites you’d like protected and HTTPS-Everywhere comes with its own. If you use a different browser, however, you’re out of luck: These are available only through Firefox, but if you care about a private net session it’s worth it to use Firefox momentarily.

Beware the evolving ‘sheep

These tools will keep Firesheep users out of your computer, but it doesn’t fix the real problem: that these sites full of very personal information aren’t encrypting all of that. Butler insists that he waits for the day that Firesheep will be unusable, saying on his blog “Going forward the metric of Firesheep’s success will quickly change from amount of attention it gains, to the number of sites that adopt proper security. True success will be when Firesheep no longer works at all.”  He also warns, or really, promotes, that more versions of Firesheep are in development. But if his experiment results in making the Web a safer place, maybe the hoards of Wi-Fi users currently paranoid about the Internet activity will thank him.

Molly McHugh
Former Digital Trends Contributor
Before coming to Digital Trends, Molly worked as a freelance writer, occasional photographer, and general technical lackey…
One of the most exciting upcoming CES 2025 launches just got leaked
lenovo foldable laptop extended.

Last year, Lenovo teased a rollable laptop at MWC 2023, but it was purely a prototype. Now, a leak covered by The Verge from Evan Blass claims that the concept is becoming a reality and will be released at CES 2025 in just a few weeks.

The concept Lenovo laptop from last year looks like a completely normal laptop at first, but once you press a button on the side, more screen literally starts rolling out from under the keyboard. The screen slowly grows until you have basically two laptop screens stacked on top of each other.

Read more
ChatGPT just got a bump to its coding powers
ChatGPT collaborating with Notion

For its penultimate 12 Days of OpenAI announcement, the company revealed a trio of updates to ChatGPT's app integration on Thursday, which should make using the AI in conjunction with other programs on your desktop less of a chore.

OpenAI unveiled ChatGPT's ability to collaborate with select developer-focused macOS apps, specifically VS Code, Xcode, TextEdit, Terminal, and iTerm2, back in November. Rather than needing to copy and paste code into ChatGPT, this feature allows the chatbot to pull specified content from the coding app as you enter your text prompt. ChatGPT, however, cannot generate code directly into the app, as Cursor or GitHub Copilot are able to.

Read more
Here’s why some PC gamers shouldn’t install the latest Windows 11 update
Overwatch 2 running on the LG OLED 27 gaming monitor.

The latest Windows 11 update, codenamed 24H2, has been a troubled rollout for Microsoft, but one thing's been clear from the beginning: PC gamers should wait to install it. Let's add another issue to the list, shall we?

As spotted by Windows Latest, Microsoft has confirmed in an update to its Windows 11 24H2 problems page, that Windows 11 24H2 is causing issues with its Auto HDR feature. The result of the bug is that incorrect colors are being displayed or, even worse, are breaking games entirely and causing them to not be responsive.

Read more