How to Not Lose Sleep Over Firesheep

Odds are you’ve heard about the Firesheep hysteria by now. If you still aren’t sure what to do about it, here’s a short guide to help keep your Internet experience safe.

One dangerous aspect of Firesheep is that it affects popular websites such as Facebook and Twitter, according to CS50 professor David J. Malan ’99. The reason for such widespread susceptibility is that many websites do not use protocols for security over the internet (also known as SSL) and are thus not very secure.

Although Malan said that online e-mail services may be at risk, Gmail—a favorite of students—in fact uses SSL and should not be affected. However, Malan noted that Gmail is not necessarily infallible, since some accounts are used to access other web services.

Malan’s biggest piece of advice is to use a virtual private network (VPN) client, which allows a user to access a network securely. Harvard students can access the FAS VPN server by going to vpn.fas.harvard.edu. Note: you must enter your username as [username]@fas.harvard.edu.

In addition to the VPN server, there are free Firefox plugins to boost browsing security, such as HTTPS Everywhere and Force-TLS. These programs attempt to change a website’s Hypertext Transfer Protocol from HTTP to the more secure HTTPS. Unfortunately, these add-ons may not be entirely effective. "They only work if the website supports SSL, as it is more expensive for them to run SSL," Malan said.

In short, here are some tips:

1. Look for sites that use HTTPS. These are more secure and most reliable.

2. For secure network access, use VPN.

3. Keep in mind that your e-mail may not be secure.

4. Try downloading HTTPS Everywhere and Force-TLS.

5. Although tempting, try to avoid accessing vulnerable sites like Facebook during a big lecture class (and on public Wi-Fi in general).

The most important thing to do is to be smart about surfing the web and not to take security on the Internet for granted. "Odds are if you can see someone across the room, they could be snooping on you," Malan said, while stressing the uncertainty of how things will play out with Firesheep. "Things are going to be a little unsafe for a while," he said.