Page 1 of 3 123 LastLast
Results 1 to 15 of 31
  1. #1
    Firesheep? How do we protect ourselves from this and similar software?

    Member Since
    Sep 09, 2009
    Location
    Down Under :D
    Posts
    5,484
    Specs:
    Back to my old 2.2GHz C2D MB after selling my MBP and wondering what my next Mac will be :)
    Firesheep? How do we protect ourselves from this and similar software?
    I only just saw this Firesheep thing on a current affair programme here in Oz, and it leaves me wondering if the OS X firewall is enough to keep safe from such a thing when using wifi hot spots, etc?

  2. #2
    Firesheep? How do we protect ourselves from this and similar software?

    Member Since
    Dec 01, 2010
    Posts
    5
    6string, firesheep only works on unencrypted wireless networks. It exploits the nature of the packets being transmitted in clear text. It is a modern day implementation of traditional packet sniffing (which wired networks faced back in the old bus and hub architecture days), however there is a focus on HTTP and payload inspection.

    Other less technical characteristics include the nature of human stupidity and simplicity. In the old days networks were fewer in numbers and anyone administrating a network understood to some extent how the technology worked, today everyone uses network based technology with little to no understanding on how it works.

    Did you also notice that most of the exploited users on the ACA were mac users? It must have something to do with the fact that most mac users are completely clueless about the nature of underlying technologies. Its not entirely their fault, Apple designed OSX to hide many of the underlying complexities to meet the simplistic nature of their target audience. This brings us full circle and back to your statement… firewalls have nothing to do with the encryption of wireless network packets.

  3. #3
    Firesheep? How do we protect ourselves from this and similar software?
    schweb's Avatar
    Member Since
    Oct 27, 2002
    Location
    Cleveland, Ohio
    Posts
    13,190
    Specs:
    MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2
    Quote Originally Posted by 6string View Post
    I only just saw this Firesheep thing on a current affair programme here in Oz, and it leaves me wondering if the OS X firewall is enough to keep safe from such a thing when using wifi hot spots, etc?
    There are only a few ways to be safe from Firesheep...

    1. Don't use wireless networks that don't have a password on them.
    2. If you do use a non-password protected network, connect to the net through VPN.

    Other than that, not a ton you can do. Really, I think most places with free wifi should take the initiative to add a simple password to their network which would protect everyone and is the responsible thing to do. It's our job to make sure they know about it and do it.
    schweb | community leader
    flickr » facebook » twitter » tumblr » google+ » about.me

    Mac-Forums: On Twitter | On Facebook | On Flickr


  4. #4
    Firesheep? How do we protect ourselves from this and similar software?
    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,396
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    And if you must use a connection where Firesheep will work, use BlackSheep to warn you if someone is using it.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  5. #5
    Firesheep? How do we protect ourselves from this and similar software?
    bobtomay's Avatar
    Member Since
    Dec 22, 2006
    Location
    Texas, where else?
    Posts
    26,209
    Specs:
    15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '11 1.8 i7 4GB 10.10; 21" iMac '13 2.9 i5 8GB 10.10; 5s & 5c
    Or grab the Firefox plugin - HTTPS Everywhere - from the EFF and available here.
    I cannot be held responsible for the things that come out of my mouth.
    In the Windows world, most everything folks don't understand is called a virus.

  6. #6
    Firesheep? How do we protect ourselves from this and similar software?
    harryb2448's Avatar
    Member Since
    Nov 28, 2007
    Location
    Nambucca Heads Australia
    Posts
    20,056
    Specs:
    iMac i5 2.7GHz, 16GB memory, OS 10.10.5
    Surely WPA2 Personal with a thirteen digit/letter password would provide ample protection, apart from using HTTPS Everywhere?

  7. #7
    Firesheep? How do we protect ourselves from this and similar software?
    bobtomay's Avatar
    Member Since
    Dec 22, 2006
    Location
    Texas, where else?
    Posts
    26,209
    Specs:
    15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '11 1.8 i7 4GB 10.10; 21" iMac '13 2.9 i5 8GB 10.10; 5s & 5c
    You would only want to use that when you're out and about using free and open wifi networks.
    I cannot be held responsible for the things that come out of my mouth.
    In the Windows world, most everything folks don't understand is called a virus.

  8. #8
    Firesheep? How do we protect ourselves from this and similar software?
    schweb's Avatar
    Member Since
    Oct 27, 2002
    Location
    Cleveland, Ohio
    Posts
    13,190
    Specs:
    MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2
    Quote Originally Posted by bobtomay View Post
    Or grab the Firefox plugin - HTTPS Everywhere - from the EFF and available here.
    But that only works if the site supports HTTPS. And unfortunately, that plugin is only for Firefox.
    schweb | community leader
    flickr » facebook » twitter » tumblr » google+ » about.me

    Mac-Forums: On Twitter | On Facebook | On Flickr


  9. #9
    Firesheep? How do we protect ourselves from this and similar software?

    Member Since
    Dec 01, 2010
    Posts
    5
    Quote Originally Posted by harryb2448 View Post
    Surely WPA2 Personal with a thirteen digit/letter password would provide ample protection, apart from using HTTPS Everywhere?
    It depends on your definition of "ample protection", WPA2 is ok for stopping most firesheep users (again the common user has very little understanding of the underlying technology the software utilizes). Some/any level of encryption it is likely to stop 99.9% of users. The last 0.1% can't be stopped, they'll first crack WPA2 using something like rainbow tables and then the behaviour of firesheep will be transparent as an unencrypted network (at that point we can debate if they'd even use firesheep). Fortunately, the very small minority of users that understand the technology (and maths) well enough to achieve this are unlikely to be wasting their time hacking at public wirelness networks.

  10. #10
    Firesheep? How do we protect ourselves from this and similar software?

    Member Since
    Sep 09, 2009
    Location
    Down Under :D
    Posts
    5,484
    Specs:
    Back to my old 2.2GHz C2D MB after selling my MBP and wondering what my next Mac will be :)
    Sorry to have started a debate guys.... I was hoping for something in layman's terms, as my understanding of anything in regards to internet setup, security, etc is 0.00!
    Thank you though, for all the responses trying to help, and I do appreciate it.

  11. #11
    Firesheep? How do we protect ourselves from this and similar software?
    bobtomay's Avatar
    Member Since
    Dec 22, 2006
    Location
    Texas, where else?
    Posts
    26,209
    Specs:
    15" MBP '06 2.33 C2D 4GB 10.7; 13" MBA '11 1.8 i7 4GB 10.10; 21" iMac '13 2.9 i5 8GB 10.10; 5s & 5c
    No debate. And I think it's worthwhile letting folks know about things like this to become aware of what they're doing when using unsecured networks.

    I know next to nothing about all the hacking side and what can be done related to being able to intercept data either.
    I cannot be held responsible for the things that come out of my mouth.
    In the Windows world, most everything folks don't understand is called a virus.

  12. #12
    Firesheep? How do we protect ourselves from this and similar software?

    Member Since
    Dec 01, 2010
    Posts
    5
    Quote Originally Posted by 6string View Post
    Sorry to have started a debate guys.... I was hoping for something in layman's terms, as my understanding of anything in regards to internet setup, security, etc is 0.00!
    Thank you though, for all the responses trying to help, and I do appreciate it.
    Case in point, firesheep exists because users don't understand technology. Firesheep will actually be a good thing, if it raises users understanding of the technology around them (although I highly doubt it).

  13. #13
    Firesheep? How do we protect ourselves from this and similar software?

    Member Since
    Sep 09, 2009
    Location
    Down Under :D
    Posts
    5,484
    Specs:
    Back to my old 2.2GHz C2D MB after selling my MBP and wondering what my next Mac will be :)
    Quote Originally Posted by TheAntiM View Post
    Case in point, firesheep exists because users don't understand technology. Firesheep will actually be a good thing, if it raises users understanding of the technology around them (although I highly doubt it).
    Hmmm, not quite!
    What you call a good thing is your bad Karma!

    Anyway, apart from that condescending statement above, as much as TheAntiM may feel this gives credit to his/her statement, I'm as lost as I was at the first response to this thread, by ....TheAntiM
    VPN, HTTP, and the list goes on, not to mention all the googling I did, to try to make all of it make sense to me, still no wiser.
    My computer studies were at school with a commodore 64 in typing class
    I really do appreciate all the attempted help though!

  14. #14
    Firesheep? How do we protect ourselves from this and similar software?

    Member Since
    Sep 09, 2009
    Location
    Down Under :D
    Posts
    5,484
    Specs:
    Back to my old 2.2GHz C2D MB after selling my MBP and wondering what my next Mac will be :)
    I must add TheAntiM..... Does the stand for anti Mac?

    Thanks for the help?
    Thanks for joining Mac Forums for that!

  15. #15
    Firesheep? How do we protect ourselves from this and similar software?
    schweb's Avatar
    Member Since
    Oct 27, 2002
    Location
    Cleveland, Ohio
    Posts
    13,190
    Specs:
    MacBook Pro | LED Cinema Display | iPhone 4 | iPad 2
    Quote Originally Posted by TheAntiM View Post
    It depends on your definition of "ample protection", WPA2 is ok for stopping most firesheep users (again the common user has very little understanding of the underlying technology the software utilizes). Some/any level of encryption it is likely to stop 99.9% of users. The last 0.1% can't be stopped, they'll first crack WPA2 using something like rainbow tables and then the behaviour of firesheep will be transparent as an unencrypted network (at that point we can debate if they'd even use firesheep). Fortunately, the very small minority of users that understand the technology (and maths) well enough to achieve this are unlikely to be wasting their time hacking at public wirelness networks.
    You're right, just like locking your car won't stop a determined car thief.

    But...

    Adding any security will deter them because why spend time hacking into WPA2 when there's 50 other places with no security? The only way someone is going to be that determined is if there's something that they really, really want from behind that security since breaking it isn't trivial.
    schweb | community leader
    flickr » facebook » twitter » tumblr » google+ » about.me

    Mac-Forums: On Twitter | On Facebook | On Flickr


Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Copy Protect Software for Mac Files
    By KLeland in forum Switcher Hangout
    Replies: 2
    Last Post: 01-10-2013, 03:16 PM
  2. similar software to MacCleanse
    By zukermaister in forum OS X - Apps and Games
    Replies: 1
    Last Post: 09-20-2010, 01:30 AM
  3. Whiteboard Software - Something Similar
    By Clownzer in forum OS X - Apps and Games
    Replies: 3
    Last Post: 11-17-2007, 10:28 PM
  4. software similar to sidetrack for trackpad
    By terpfan in forum Apple Notebooks
    Replies: 1
    Last Post: 02-20-2006, 12:53 AM
  5. similar Virtual Cd software for mac?
    By Buffalo_bob in forum Running Windows (or anything else) on your Mac
    Replies: 2
    Last Post: 12-09-2004, 11:45 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •