Monthly Archives: October 2010

Firesheep is Scary! (And a Chrome/Firefox Solution)

Firesheep is a new Firefox plugin that makes it very, very, very easy for anyone to mess with your online accounts. It exploits the unbelievable lack of security in most websites.

One solution (and probably the easiest good one) is to use SSL encryption. That sounds complicated, but it’s usually as easy as entering “https://” instead of “http://” before the URL. I say “usually,” because not all websites support SSL (it’s much more complicated from their end!).

Of course, it’s a pain in the neck to type that in all the time, so here’s a quick solution for Chrome or Firefox. In either browser, it forces “s” to redirect to ““, for example.

Wrench menu –> Options –> Basics tab –> Default Search section –> Manage –> Add…

Then add the following “search engine” keyword:

Name: SSL
Keyword: s
URL: https://%s

Bookmarks –> Organize Bookmarks –> Unsorted Bookmarks (in the sidebar)
Then Organize –> New Bookmark…

Then add:
Name: SSL
Location: https://%s
Keyword: s

This will force the first page you visit to use SSL, but the website may drop the security for future pages. For example, “s” will stay encrypted, because Google is smart, but “s” will go back to plain old HTTP after you log in, because Facebook…. isn’t that smart.

Plugins like HTTPS Everywhere (Firefox only, because of technical limitations in other browsers) will automate the process and keep your connection secure all the time.


Lame Joke

Knock Knock.

          Who’s there?


          man who