# Beware the Firesheep

**Published by:** [Continuations](https://continuations.com/)
**Published on:** 2010-10-27
**Categories:** security, wi-fi
**URL:** https://continuations.com/beware-the-firesheep

## Content

I have long operated an open and unsecured wifi access point at home. Why? For anything that really requires security, such as online banking, I am relying on end-to-end encryption via SSL. That requires being somewhat diligent to make sure your browser actually shows it has a secure connection because otherwise you are potentially subject to a MITM attack where the attacker rewrites secure to unsecure connections. But end-to-end based on certificates provides much higher security than any of the wireless standards. I have also not been super worried about someone sniffing my password or doing a replay attack because those still required a bit of setup and I figure that kids in the suburbs were more likely to be on Facebook than spend time hijacking my session. Firesheep changes that by shrink-wrapping the replay attack in a browser plug-in. Now it is entirely a question of point and click. This is an example of where a change in degree becomes a change in type. The attack is not 10 percent easier or faster, it is now a mass market product. I will continue to leave my wifi network open at home and will also continue to use open wifi networks while I am on the road, but I will now do so only over a secure proxy. Thankfully I run several servers in the cloud, so having my own up and running is straightforward. But there may also be a business opportunity here. People could start to run secure proxies and charge for them. This has been attempted I the past but without much success. The combination of Firesheep and some of the concerns over profiling may might be enough. I say might because historically convenience has trumped security and privacy for consumers.

## Publication Information

- [Continuations](https://continuations.com/): Publication homepage
- [All Posts](https://continuations.com/): More posts from this publication
- [RSS Feed](https://api.paragraph.com/blogs/rss/@continuations): Subscribe to updates
- [Twitter](https://twitter.com/albertwenger): Follow on Twitter

## Optional

- [Collect as NFT](https://continuations.com/beware-the-firesheep): Support the author by collecting this post
- [View Collectors](https://continuations.com/beware-the-firesheep/collectors): See who has collected this post