Linked by David Adams on Mon 8th Nov 2010 16:49 UTC, submitted by HAL2001
Privacy, Security, Encryption Firesheep is a Firefox extension that makes it easier to steal logins and take over social media and email accounts after users log in from a WiFi hotspot or even their own unprotected network. Zscaler researchers have created, and are now offering to every consumer, a free Firefox plugin called BlackSheep, which serves as a counter-measure. BlackSheep combats Firesheep by monitoring traffic and then alerting users if Firesheep is being used on the network. BlackSheep does this by dropping ‘fake’ session ID information on the wire and then monitors traffic to see if it has been hijacked.
Permalink for comment 449121
To read all comments associated with this story, please click here.
Required SSL
by robojerk on Mon 8th Nov 2010 20:11 UTC
robojerk
Member since:
2006-01-10

In today's world, I think any site that handles any personal information (other than name, and timezone) should require at least simple SSL encryption.

Sites using phpbb, Wordpress, etc since they ususally only store name, IP, and timezone info can be exempt.

These site should be forced IMO. (at least parts of the site once you are logged in)
Shopping sites (Amazon.com), WebMail (Hotmail, Google), Banks/Financial, social sites (Facebook).

Unfortunately even using Facebook Pro Secure is iffy, sometimes it still uses normal http.
http://userscripts.org/scripts/show/49079

Edited 2010-11-08 20:13 UTC

Reply Score: 4