Facebook offers protection against wireless Firesheep attack

Starting today, users can connect to Facebook using HTTPS

Facebook is rolling out a more secure way to connect to its website, which will protect users from a widely publicized wireless networking attack called Firesheep.

The social-networking site starting Wednesday will let users connect to Facebook using an HTTPS secure Web connection, which offers extra assurance that they're connecting to the website that they intend to reach, while also encrypting the data sent between the PC and Facebook.

This encryption makes it safer for people who log onto Facebook in places that have insecure wireless networks. It's easy to sniff unencrypted Web traffic on unsecured Wi-Fi networks, so a hacker could walk into a Starbucks, for example, and start stealing information from people who are logged onto the network. Security researcher Eric Butler last year released Firesheep, a Firefox plugin that lets anyone log into a victim's Facebook or Twitter account.

The new HTTPS option will thwart the Firesheep attack, said Roger Thompson, vice president of Web threat research with security vendor AVG.

But it won't stop the biggest scams on Facebook. It won't stop phishing, the Koobface worm, or viral scams that entice victims with the promise of interesting videos, but end up trying to sell them paid mobile-phone services, he said.

Over the past few years, consumer websites have begun using more HTTPS in order to make things more secure. It's now used by default on Gmail and it's an option for Hotmail users as well.

Right now, Facebook users will need to change their security settings to turn on the HTTPS option -- and it isn't yet available to all users -- but the company expects it to gradually become more widespread. "We are rolling this out slowly over the next few weeks, but you will be able to turn this feature on in your Account Settings soon," Facebook said Wednesday in a blog post announcing the feature. "We hope to offer HTTPS as a default whenever you are using Facebook sometime in the future."

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Tags Internet-based applications and servicessecuritysocial networkinginternetFacebook

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?