{"id":697,"date":"2011-02-15T18:13:44","date_gmt":"2011-02-16T00:13:44","guid":{"rendered":"http:\/\/www.mooreds.com\/wordpress\/?p=697"},"modified":"2011-02-12T18:27:18","modified_gmt":"2011-02-13T00:27:18","slug":"firesheep-or-beware-the-passwordless-wireless-network","status":"publish","type":"post","link":"https:\/\/www.mooreds.com\/wordpress\/archives\/697","title":{"rendered":"Firesheep, or, beware the passwordless wireless network"},"content":{"rendered":"<p>I&#8217;m late to the party in writing about <a href=\"http:\/\/codebutler.com\/firesheep\">firesheep<\/a>.\u00a0 For those not into web security, it basically means that it has become easy peasy to grab someone&#8217;s credentials when they are surfing the web via a non encrypted wireless  network&#8211;the kind that used to be at a few coffee shops but now are at laudromats and car repair shops.<\/p>\n<p>The upshot: think long and hard about surfing any sites that you sign in to that doesn&#8217;t encrypt all traffic thereafter (<a href=\"http:\/\/getsatisfaction.com\/yahoo\/topics\/full_ssl_support_in_yahoo_mail_when\">I&#8217;m looking at you, Yahoo! Mail<\/a>).\u00a0 If you must, consider running <a href=\"http:\/\/www.zscaler.com\/blacksheep.html\">blacksheep<\/a>, change your password regularly, don&#8217;t have the website &#8216;remember you&#8217;, and make sure you sign out (which typically invalidates your cookies)&#8211;don&#8217;t just close the browser.<\/p>\n<p>Jeff over at Coding Horror does a great job of explaining what <a href=\"http:\/\/www.codinghorror.com\/blog\/2010\/11\/breaking-the-webs-cookie-jar.html\">the fundamental issues are as well as possible solutions<\/a>, and I had a friend point out that you can extend firesheep with a <a href=\"https:\/\/github.com\/codebutler\/firesheep\/tree\/master\/xpi\/handlers\">bit of javascript<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I&#8217;m late to the party in writing about firesheep.\u00a0 For those not into web security, it basically means that it has become easy peasy to grab someone&#8217;s credentials when they [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16,2],"tags":[],"class_list":["post-697","post","type-post","status-publish","format-standard","hentry","category-http","category-technology-and-society"],"_links":{"self":[{"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/posts\/697","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/comments?post=697"}],"version-history":[{"count":1,"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/posts\/697\/revisions"}],"predecessor-version":[{"id":698,"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/posts\/697\/revisions\/698"}],"wp:attachment":[{"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/media?parent=697"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/categories?post=697"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mooreds.com\/wordpress\/wp-json\/wp\/v2\/tags?post=697"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}