Firesheep? How do we protect ourselves from this and similar software?


6string
I only just saw this Firesheep thing on a current affair programme here in Oz, and it leaves me wondering if the OS X firewall is enough to keep safe from such a thing when using wifi hot spots, etc?

TheAntiM
6string, Firesheep only works on unencrypted wireless networks. It exploits the nature of the packets being transmitted in clear text. It is a modern-day implementation of traditional packet sniffing (which wired networks faced back in the old bus and hub architecture days); however, there is a focus on HTTP and payload inspection.

Other less technical characteristics include the nature of human stupidity and simplicity. In the old days networks were fewer in number and anyone administrating a network understood to some extent how the technology worked; today everyone uses network-based technology with little to no understanding of how it works.

Did you also notice that most of the exploited users on the ACA were Mac users? It must have something to do with the fact that most Mac users are completely clueless about the nature of underlying technologies. It's not entirely their fault; Apple designed OSX to hide many of the underlying complexities to meet the simplistic nature of their target audience. This brings us full circle and back to your statement… firewalls have nothing to do with the encryption of wireless network packets.

schweb
Quote:
Originally Posted by 6string
I only just saw this Firesheep thing on a current affair programme here in Oz, and it leaves me wondering if the OS X firewall is enough to keep safe from such a thing when using wifi hot spots, etc?

There are only a few ways to be safe from Firesheep...

1. Don't use wireless networks that don't have a password on them.
2. If you do use a non-password protected network, connect to the net through VPN.

Other than that, not a ton you can do. Really, I think most places with free wifi should take the initiative to add a simple password to their network which would protect everyone and is the responsible thing to do. It's our job to make sure they know about it and do it.

schweb | community leader

vansmith
And if you must use a connection where Firesheep will work, use BlackSheep to warn you if someone is using it.

bobtomay
Or grab the Firefox plugin - HTTPS Everywhere - from the EFF and available here.

I cannot be held responsible for the things that come out of my mouth.
In the Windows world, most everything folks don't understand is called a virus.

harryb2448
Surely WPA2 Personal with a thirteen digit/letter password would provide ample protection, apart from using HTTPS Everywhere?

bobtomay
You would only want to use that when you're out and about using free and open wifi networks.

schweb
Quote:
Originally Posted by bobtomay
Or grab the Firefox plugin - HTTPS Everywhere - from the EFF and available here.

But that only works if the site supports HTTPS. And unfortunately, that plugin is only for Firefox.

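Added example (not part of any post in this thread): Firesheep works by reading session cookies out of HTTP requests sent in clear text, so HTTPS only protects a login when the site also keeps its cookies off plain HTTP. This Python check audits one response's headers for that; the header values and cookie names are constructed samples.

```python
# Added example: does a site keep its session cookie off cleartext HTTP?
# Header values and cookie names below are constructed samples, not captures.

def parse_set_cookie(value):
    """Split one Set-Cookie value into (cookie name, set of attribute names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def audit_response(scheme, headers):
    """Return a list of findings for one response.

    scheme  -- "http" or "https", the scheme the response was fetched over
    headers -- list of (name, value) pairs; Set-Cookie may appear many times
    """
    findings = []
    names = {name.lower() for name, _ in headers}
    if scheme != "https":
        findings.append("response served over cleartext HTTP")
    elif "strict-transport-security" not in names:
        findings.append("no HSTS header: browser may still try http:// first")
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        cookie, attrs = parse_set_cookie(value)
        if "secure" not in attrs:
            findings.append(f"cookie {cookie} lacks Secure: also sent over http://")
    return findings


# Constructed sample: HTTPS login page whose session cookie is not marked Secure.
WEAK = ("https", [("Content-Type", "text/html"),
                  ("Set-Cookie", "session_id=abc123; Path=/; HttpOnly")])
# Constructed sample: same site with HSTS and Secure cookies.
HARDENED = ("https", [("Strict-Transport-Security", "max-age=31536000"),
                      ("Set-Cookie", "session_id=abc123; Path=/; Secure; HttpOnly"),
                      ("Set-Cookie", "theme=dark; Path=/; Secure")])

if __name__ == "__main__":
    for label, sample in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_response(*sample) or "no findings")
```
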
TheAntiM
Quote:
Originally Posted by harryb2448
Surely WPA2 Personal with a thirteen digit/letter password would provide ample protection, apart from using HTTPS Everywhere?

It depends on your definition of "ample protection". WPA2 is OK for stopping most Firesheep users (again, the common user has very little understanding of the underlying technology the software utilizes). Some/any level of encryption is likely to stop 99.9% of users. The last 0.1% can't be stopped; they'll first crack WPA2 using something like rainbow tables and then the behaviour of Firesheep will be transparent as an unencrypted network (at that point we can debate if they'd even use Firesheep). Fortunately, the very small minority of users that understand the technology (and maths) well enough to achieve this are unlikely to be wasting their time hacking at public wireless networks.

6string
Sorry to have started a debate guys.... I was hoping for something in layman's terms, as my understanding of anything in regards to internet setup, security, etc is 0.00!
Thank you though, for all the responses trying to help, and I do appreciate it.

bobtomay
No debate. And I think it's worthwhile letting folks know about things like this to become aware of what they're doing when using unsecured networks.

I know next to nothing about all the hacking side and what can be done related to being able to intercept data either.

TheAntiM
Quote:
Originally Posted by 6string
Sorry to have started a debate guys.... I was hoping for something in layman's terms, as my understanding of anything in regards to internet setup, security, etc is 0.00!
Thank you though, for all the responses trying to help, and I do appreciate it.

Case in point: Firesheep exists because users don't understand technology. Firesheep will actually be a good thing if it raises users' understanding of the technology around them (although I highly doubt it).

6string
Quote:
Originally Posted by TheAntiM
Case in point: Firesheep exists because users don't understand technology. Firesheep will actually be a good thing if it raises users' understanding of the technology around them (although I highly doubt it).

Hmmm, not quite!
What you call a good thing is your bad Karma!

Anyway, apart from that condescending statement above, as much as TheAntiM may feel this gives credit to his/her statement, I'm as lost as I was at the first response to this thread, by ....TheAntiM
VPN, HTTP, and the list goes on, not to mention all the googling I did to try to make all of it make sense to me; still no wiser.
My computer studies were at school with a Commodore 64 in typing class.
I really do appreciate all the attempted help though!

6string
I must add TheAntiM..... Does the stand for anti Mac?

Thanks for the help?
Thanks for joining Mac Forums for that!

schweb
Quote:
Originally Posted by TheAntiM
It depends on your definition of "ample protection". WPA2 is OK for stopping most Firesheep users (again, the common user has very little understanding of the underlying technology the software utilizes). Some/any level of encryption is likely to stop 99.9% of users. The last 0.1% can't be stopped; they'll first crack WPA2 using something like rainbow tables and then the behaviour of Firesheep will be transparent as an unencrypted network (at that point we can debate if they'd even use Firesheep). Fortunately, the very small minority of users that understand the technology (and maths) well enough to achieve this are unlikely to be wasting their time hacking at public wireless networks.

You're right, just like locking your car won't stop a determined car thief.

But...

Adding any security will deter them because why spend time hacking into WPA2 when there's 50 other places with no security? The only way someone is going to be that determined is if there's something that they really, really want from behind that security since breaking it isn't trivial.
