Home Security
PC Matic
PC Matic VPN
More Products
Support Unlimited
Identity Theft Protection
PC Magnum
Threat Awareness
How PC Matic Protects You
SuperShield Whitelist
Compare PC Matic
Norton
McAfee
Avast
AVG
Business Protection
PC Matic Pro
PC Matic MSP
Solutions
Allowlisting
Script Enforcement
Device Control
Patch Management
Remote Tools
Integrations
Server Security
Learn More
Resellers
Affiliates
Resources
Case Studies
Compare PC Matic Pro
ThreatLocker
Airlock Digital
VMware Carbon Black
AppLocker
For Federal
Partner Programs
Managed Service Providers
Channel Partners
Affiliate Partners
OEM Partners
Resource Center
All Resources
Case Studies
Data Sheets
User Guides
White Papers
Blog Resources
PC Matic Blog
Business Security
Home Security
Cyber News
Scam Alerts
Customer Service
Home Support
Business Support
Learn More
Getting Started
Knowledgebase
Tech Support Scams
Fake Virus Scams
Tools & More
Ransomware Center
Internet Speed Test
PC Matic
About
Careers
Learn More
Industry Recognition
Leadership
Commercials
Stay Up-to-Date
Newsroom
Blog
Events
TechTalk Podcast
Home Customers
My Account
PC Matic App
Add a Device
Renew Subscription
Business Customers
Business Login
Business Support
Search

TechBite: A Very Serious Threat

steveb

By Steve Bass

You’re at Starbucks, busy working on your Facebook page. Bad news: The guy at the next table is a hacker, and he’s also working on your Facebook page. Sit tight, I have a few ways for you to make yourself invisible to hackers.

One Very Serious Threat

There’s a pervasive, serious Facebook and Twitter exploit that leaves you wide open to any and every hacker who can download a simple-to-use, free tool called Firesheep. It’s a threat if you’re using an unsecured, public Wi-Fi network, typically available at an Internet cafe, airport, hotel, or RV campground.

Last week TechBite paid subscribers got the first dispatch about this in the Extra newsletter; here’s a more detailed version.

The Hacking Tool
Firesheep is an HTTP session hijacker that runs as a Firefox extension and sniffs around for cookies on any unsecured Wi-Fi connection.

When you log onto Facebook, Twitter, or any of over 26 other social networking sites, your computer sets a session cookie. A person running Firesheep can read the cookie and log onto your Facebook page. Then he (okay, or she) can do anything from your Facebook account, such as send e-mail or write on a wall.

Every browser is vulnerable to the exploit.

The one saving grace is that Firesheep doesn’t have access to your password — that’s encrypted and safe. If the hacker tries to change it from within Facebook, you’ll get an e-mailed alert. But everything else on Facebook is fair game.

Download and try Firesheep if you don’t believe me. There’s nothing as shocking as reading a stranger’s Facebook or Twitter account without their knowledge or consent. It might actually motivate you to do something to protect yourself.

Who’s Behind Firesheep?

Firesheep’s author has an open agenda: to force social networking sites to make the entire online session secure, just as the online banking sites do. (When you’re on PayPal or your bank’s site, you’ll see an icon of a lock somewhere on your browser, and the link will start with “https” rather than just “http.”)

I think it’s a dang stupid way of getting people to see the problem, but what do I know?

How to Make Yourself Invisible to Hackers

Stop Responding to Threats.
Prevent Them.

Get Protected

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles