Firesheep is a new security exploit (“hacking”) tool that allows wanna-be hackers with very little expertise to gain access to their victims’ accounts on a range of websites, including Facebook, Flickr, and Twitter, when those victims are using an unsecured wifi network.
It’s particularly bad news for travellers, who tend to use unsecured wifi networks from their laptops, netbooks and smartphones — in cafes, guesthouses, etc — much more than the broader public.
Although the technique that Firesheep uses is not new, it was previously moderately difficult to perform. The release of Firesheep means that someone with almost no technical knowledge can gain access to other people’s accounts when using the same unsecured wifi network.
You will potentially be at risk if:
- You’re using an unsecured wifi network — one that isn’t protected by a password.
- You’re accessing Facebook, Twitter or Google via HTTP, rather than HTTPS (secure HTTP).
Luckily Firesheep does not allow the hacker to get hold of your password.
How to Protect Yourself
Here are a few things that you can do to prevent being hacked by Firesheep:
- Use a secure wifi network wherever possible.
- If you are using Firefox, the EFF’s HTTPS Everywhere extension will force your browser to use HTTPS when accessing the affected sites. Unfortunately, it seems that the extension architectures of Safari, IE and Chrome prevent a similar plugin being written for any of them, so for the moment, it’s only available for Firefox.
Even if you don’t use Firefox normally, it would be a good idea to use Firefox with the HTTPS Everywhere extension whenever you’re accessing the internet via unsecured wifi, at least until the exploit is fixed.
- If you have to use an unsecured wifi network, always log out of any websites that you’ve logged into during the session, even though you’re using your own computer. This will invalidate any website cookies which the hacker could use to pretend he is you.
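For anyone who runs a website rather than just visits one: the cookies described above are only exposed because the site lets the browser send them over plain HTTP. The following is an added example, not part of the original post; it checks a response's headers for cookies missing the Secure attribute and for the Strict-Transport-Security (HSTS) header that tells browsers to stay on HTTPS. The header values, cookie names and function names are constructed for illustration.

```python
# Added example: audit response headers for cookies that a browser would
# also send over plain HTTP. All header values below are constructed.

def parse_set_cookie(value):
    """Split one Set-Cookie value into (cookie name, {attribute: value})."""
    first, *rest = [p.strip() for p in value.split(";")]
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs


def hsts_enabled(value):
    """True if a Strict-Transport-Security value has a positive max-age."""
    for part in value.split(";"):
        key, _, val = part.strip().partition("=")
        if key.strip().lower() == "max-age":
            digits = val.strip().strip('"')
            return digits.isdigit() and int(digits) > 0
    return False


def audit_response(headers):
    """Return (names of cookies lacking Secure, whether HSTS is switched on)."""
    exposed, hsts = [], False
    for header, value in headers:
        if header.lower() == "set-cookie":
            name, attrs = parse_set_cookie(value)
            if "secure" not in attrs:  # browser will attach it to HTTP requests too
                exposed.append(name)
        elif header.lower() == "strict-transport-security":
            hsts = hsts or hsts_enabled(value)
    return exposed, hsts


# Constructed samples: a site that leaves its login cookie exposed, and a fixed one.
WEAK = [("Set-Cookie", "session_id=abc123; Path=/; HttpOnly"),
        ("Set-Cookie", "lang=en; Path=/")]
HARDENED = [("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
            ("Set-Cookie", "session_id=abc123; Path=/; Secure; HttpOnly"),
            ("Set-Cookie", "lang=en; Path=/; Secure")]

if __name__ == "__main__":
    for label, headers in (("weak", WEAK), ("hardened", HARDENED)):
        exposed, hsts = audit_response(headers)
        print(f"{label}: cookies sent over HTTP = {exposed}, HSTS = {hsts}")
```

Note that HttpOnly on the weak site's session cookie does not help here: it hides the cookie from page scripts, not from someone listening on the same network.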
An iPhone isn’t an immediately obvious choice as the phone to take with you when backpacking your way around the world: its limited battery life, fragility and the fact that it will attract unwanted attention all work against it. However, the fact that it is so much more versatile than a normal phone more than makes up for this.
Taking an iPhone can save you having to take an iPod, GPS, guidebooks, language guides, maps and printed itineraries, and it even works pretty well as a phone!
If you do decide to take your iPhone along with you, here are a few applications which I’ve found to be pretty useful:
Offmaps by Felix Lamouroux
Offmaps is an offline map viewer for the iPhone. Unlike the Apple Maps app, Offmaps will cache the map tiles so that you can view maps when a data connection is unavailable (or indeed, too expensive to use!). Offmaps also claims to allow access to WikiTravel articles from within the application, but I’ve found that this only works when in online mode.
Unlike the Apple mapping app, which uses Google Maps, Offmaps uses OpenStreetMap.org, a sort of Wikipedia for maps.
ICOON Global Picture Dictionary by Amberpress
Amberpress are the producers of the popular ICOON “wordless universal phrase book”, that is: a book of pictures which you can point at when you’re trying to communicate with someone who shares no common language with you. ICOON have now also brought out an iPhone app containing the same content as the book. On opening the application, you’re presented with a number of categories, for example: Health, Money, Accommodation, etc. Each of these categories contains a set of easily understood images, which can be viewed in landscape or portrait mode.
World Facts by Fuzzy Peach LLC
World Facts is an offline iPhone version of the CIA World Fact Book. It contains all sorts of information about every country in the world. It also contains useful high-level maps. While this app would not be useful for everyone, anyone who’s a bit of an anorak will love it.
PayBack by Andrew Cunningham
You’ll find this app incredibly useful if you ever travel in a group – especially when there’s more than two of you. PayBack allows you to keep track of all the expenses incurred on your trip, who paid the expense, and who was involved. This means that not everyone shares each expense. PayBack will also work out the minimum number of transactions needed to settle all debts. As the author says: “If you have friends and you go on trips, and you want to keep your friends, then you need PayBack”.
Trails by Felix Lamouroux
Trails is a great application for recording your route, whether you’re hiking, skiing, cycling or doing any number of other activities. It provides statistics such as distance, average speed, ascent, descent and many more. It also allows you to publish your route via email, EveryTrail or TrailRunner. You can even view your routes in Google Earth by importing the GPX file.
TripIt by TripIt Inc.
I use the TripIt website to help plan my travels. It’s especially useful for the “bigger”, scheduled bits, like airline or railway travel. The TripIt app will synchronize with the website and keep a copy of your itinerary on your phone, which will then be available offline.
Once synchronized, you’ll have access to directions, maps, booking confirmation numbers and most of the other information you’ve got on the TripIt website.
1Password by Agile Web Solutions
I use 1Password on my Mac and find it incredibly useful for saving passwords and other sensitive information in a secure way. The makers of 1Password have also brought out an iPhone application, which lets me store credit card numbers, account numbers and login information for all the websites I use in a single, password-protected application. Having this information is invaluable: you never know when you may need to call your bank and cancel a card.