SysAdmins Log

So by now chances are you have heard of Firesheep, the nifty little Firefox extension which allows you to grab session cookies over unencrypted wireless connections for sites like Amazon and Facebook etc…

But not to fear! Someone has come up with a counter-extension called Black Sheep (coincidentally having the same name as a hilarious (and gory) B-Movie from New Zealand, see IMDB) this extension, found here. Allows you to craft a fake cookie and throw it out over wifi (remember this is only a threat on unencrypted wifi) and if anyone is listening in with Firesheep it will detect this and alert you. You can find that here.

…Or you could just enable WPA/WPA2 on your wireless networks… seems simple enough right?  If for some reason you absolutely refuse to use encrypted wifi, another way to try an circumvent Firesheep users is to make sure you connect via HTTPS to these sites. You can get extensions for that from EFF (HTTPS-Everywhere) here and Sid Stamm(Force-TLS) here I would use both encryption and HTTPS/TLS, but I am also more paranoid than normal people

Anyway, just be wary of what wireless networks you connect to and understand that no matter where you go, you might be at risk, keep your eyes peeled or it might bite you later…

Thats all for now!