I guess by now I don't have to further explain what Firesheep Firefox extension is all about as the web is scrambling to find websites with relative information as well as Firesheep installation instructions. See the video below to know how Firesheep works without actually downloading and using it.
You've seen the video. You are now aware how weak your favorite social networking sites are when it comes to protecting your account(s). Some of you may have your curiousity increased a notch higher while some are otherwise hesitant to use social networks on public WiFi hotspots for now.
Don't be. We found some workaround don't worry.
Eric Butler, yeah Eric Butler, the same guy who developed Firesheep and exposed the vulnerability of social networks to hacking, is suggesting ways to protect yourself from unscrupulous Firesheep users.
Here are Butler's suggestions:
Suggestions to help protect yourself right now While companies are implementing fixes you can do a few things to increase your level of security, but there’s no silver bullet (aside from stopping use of the services which you don’t want hijacked.)The best way to get the best advise is to get it from the add-on maker himself right? While others want Butler behind bars for the controversy he created, I think you will agree if I say he's not that bad after all, huh?
- HTTPS-Everywhere - This is a Firefox extension created by the Electronic Frontier Foundation which makes Firefox use only HTTPS connections for certain websites. Like Firesheep, it only works on a defined list of websites, so it won’t protect you if you use any websites that it doesn’t support. It does not appear to be immediately simple for users to add sites without some development experience. HTTPS-Everywhere is well respected for doing what it claims to do safely.
- Force-TLS - As mentioned earlier, some websites support SSL but don’t implement it properly, leaving you at risk. This Firefox extension is similar to HTTPS-Everywhere but allows you to specify your own list of domain names to force encryption on.
- VPN - In some situations a VPN (or something similar such as an SSH tunnel) can be great. All traffic sent through a VPN is likely secure from your computer to the VPN server. But be aware that this is not a silver bullet and there are potential problems. See below for our warnings on using a VPN.