# Beware the Firesheep By [Continuations](https://continuations.com) · 2010-10-27 security, wi-fi --- I have long operated an open and unsecured wifi access point at home.  Why?  For anything that really requires security, such as online banking, I am relying on [end-to-end encryption](http://en.wikipedia.org/wiki/End-to-end_encryption) via SSL.  That requires being somewhat diligent to make sure your browser actually shows it has a secure connection because otherwise you are potentially subject to a [MITM attack](http://en.wikipedia.org/wiki/Man-in-the-middle_attack) where the attacker rewrites secure to unsecure connections.  But end-to-end based on certificates provides much higher security than any of the wireless standards. I have also not been super worried about someone sniffing my password or doing a [replay attack](http://en.wikipedia.org/wiki/Replay_attack) because those still required a bit of setup and I figure that kids in the suburbs were more likely to be on Facebook than spend time hijacking my session. [Firesheep](http://codebutler.com/firesheep) changes that by shrink-wrapping the replay attack in a browser plug-in.  Now it is entirely a question of point and click.  This is an example of where a change in degree becomes a change in type.  The attack is not 10 percent easier or faster, it is now a mass market product. I will continue to leave my wifi network open at home and will also continue to use open wifi networks while I am on the road, but I will now do so only over a secure proxy.  Thankfully I run several servers in the cloud, so having my own up and running is straightforward. But there may also be a business opportunity here.  People could start to run secure proxies and charge for them.  This has been attempted I the past but without much success.  The combination of Firesheep and some of the concerns over profiling may might be enough.  I say might because historically convenience has trumped security and privacy for consumers. ![Enhanced by Zemanta](http://img.zemanta.com/zemified_e.png?x-id=b91f0b1d-54f9-4220-a347-48de1f74b90a) --- *Originally published on [Continuations](https://continuations.com/beware-the-firesheep)*