Firesheep

Firesheep - is someone stealing your session cookies?

Firesheep enables the user to steal session cookies and hijack unsecured accounts

Firesheep Firefox add-on. Is releasing malicious software right?

According to Eric Butler, the author of the Firesheep add-on for the Firefox web browser, he released the malicious tool to highlight the problem facing users of most of the popular social web sites: after a secure login to an account with the https:// protocol, the sites revert to the less secure, standard http:// protocol for the rest of the session. His program enables an attacker to capture and use the legitimate user's session cookie.

Firesheep - good or bad?

There is no doubt that releasing a hacking tool such as Firesheep generates a lot of publicity and draws attention to the weaknesses that exist in a lot of on-line web sites and services, but does it force the owners of the sites and services to do anything about the problem?

Firesheep, Facebook, Twitter, Windows Live, WordPress, Yahoo & more!

Firesheep exposes weaknesses in the way that some 'high-profile' web sites and services operate, but why does someone have to release a hacking tool to get them to do anything about it? Do these companies not owe a duty of care to their users, or do they, using their terms and conditions, absolve themselves from any responsibility? Does the user really have to resort to using a secure VPN server to protect themselves?

Firesheep malicious software

A couple of months back I informed readers about how easy it is, using a long-range wireless network adapter, to break into anyone's wireless router and use their internet connection for free. This week, however, a new tool in the form of a Firefox add-on, aptly called Firesheep, has been released that enables the user to packet-sniff unencrypted data on a wireless network and hijack session cookies.
Nowadays, to send and receive sensitive data between computer and server, most internet services use secure communication (https://) - details, such as your user name and password, are encrypted to protect them from being stolen. Look for the "https://" in the address bar of your web browser, instead of the standard "http://" prefix.
However, once you have signed in, a lot of internet services (Facebook, Twitter, Windows Live, WordPress, Yahoo and many more) use the "http://", or 'unencrypted', prefix for any future requests and rely 'only' on the session cookie for authentication. Why do they do this? It removes the need to encrypt every request that is sent to the server, which reduces the data overhead on their servers (it's faster).
Your on-line bank account and services such as Gmail, which use the "https://" prefix (or "SSL encryption", as it is better known) to protect all the requests from browser to server, are not affected. Other on-line services, such as the ones that I have mentioned, are affected: using the new Firefox add-on, it is simple to sniff out unencrypted data from a wireless network, steal (or hijack) a user's session cookie and use it to gain temporary access to their account.
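The mechanism described above, seen from the site owner's side, as an added example that is not part of the original article: a cookie set at login without the Secure attribute is attached by the browser to later http:// requests to the same host, which is where a sniffer on the network can read it. The hosts, cookie names and captured flow are constructed for illustration, and Domain/Path scoping is ignored.

```python
from urllib.parse import urlsplit

# Constructed login flows (hypothetical hosts and cookies): (request URL,
# Set-Cookie headers in the response), in the order a browser made them.
FLOW = [
    ("https://social.example/login", ["sid=abc123; Path=/; HttpOnly",
                                      "csrf=9f8e; Path=/; Secure"]),
    ("http://social.example/home", []),
    ("https://mail.example/login", ["session=zz91; Path=/; Secure; HttpOnly"]),
    ("https://mail.example/inbox", []),
]


def parse_set_cookie(header):
    """Return (cookie name, has Secure attribute) for one Set-Cookie header."""
    first, *attrs = [part.strip() for part in header.split(";")]
    name = first.split("=", 1)[0]
    return name, any(attr.lower() == "secure" for attr in attrs)


def exposed_cookies(flow):
    """List (host, cookie, url) for every cookie sent over plain http://."""
    jar = {}        # host -> {cookie name: Secure flag}; Domain/Path ignored
    findings = []
    for url, set_cookie_headers in flow:
        parts = urlsplit(url)
        host = parts.hostname
        # A browser attaches stored cookies to the request before it is sent;
        # on http:// only cookies without Secure go out, in cleartext.
        if parts.scheme == "http":
            for name, secure in jar.get(host, {}).items():
                if not secure:
                    findings.append((host, name, url))
        # Then it stores whatever the response sets.
        for header in set_cookie_headers:
            name, secure = parse_set_cookie(header)
            jar.setdefault(host, {})[name] = secure
    return findings


if __name__ == "__main__":
    for host, name, url in exposed_cookies(FLOW):
        print(f"{host}: cookie '{name}' sent unencrypted to {url}")
```

Marking the session cookie Secure and serving every page over https://, as the article says Gmail does, leaves the list empty.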
So, what does all this mean?
Well, sniffing unencrypted data from wireless networks is nothing new and there are tools such as "Wireshark" that have been used to do this for a long time. To do it successfully, however, requires a reasonable amount of expertise and IT experience. The difference that the introduction of this new add-on for Firefox makes is that anyone can download and use it - literally, with the click of a single button. Very little IT knowledge or expertise is required and, in fact, the person who has written and released it provides all the instruction that is needed to use it.
Some may say that, as long as anyone using the Firefox add-on to sniff an unencrypted wireless network can't get the user name and password details of another user on the same network, no 'great' harm has been done. As long as the details are entered in a secure "https://" session, that is the case.
However, the fact that someone can use the tool to sniff out and hijack another user's session cookie and use it to assume their identity for that session is enough to worry many people!
Imagine for a moment that, having logged into your Facebook account, you notice that a derogatory posting has been made or that, having logged into your email account, you notice that an email about Viagra, or anything else for that matter, has been sent from your email account, not by you, but by someone who has hijacked your session cookie and taken control of your account for that session. Your friends may easily be upset by a derogatory posting and it wouldn't be that easy to explain away, even if you did realise what had happened!
During such an attack, the hijacker has full control of your account, meaning that they can do whatever they want, which includes changing your profile, login details and password!
So, why has Eric Butler released the Firefox add-on?
He claims that it is, firstly, to highlight the problem, to show internet users how easy it is to do and, hopefully, to make them wary when using wireless internet connections; and secondly, to force the web services that are using the "http://" prefix to go 'more' secure by using the "https://" prefix for all transactions between a user's computer and their servers.
Personally, I completely agree and hope that now something will be done to address this situation, which, to most internet users, will be 'wholly unacceptable', especially the users of some of these very popular internet services. I am sure that Firefox will be 'frantically' working to try and stop their internet browser being used in such a way and hope that they will be able to patch the problem 'sooner' rather than 'later'!

Firesheep and WIFI networks

With users logging into their on-line web accounts using their new mobile internet devices on WIFI networks, the release of Firesheep poses a serious risk to ever-increasing numbers of mobile internet users on unsecured wireless networks. The risk that Firesheep poses is not new, but with its release, it is more widespread.

Firesheep - it's up to users to protect themselves

If the popular web sites and services were 'that' interested in the security of their users, surely they would use the https:// protocol for all the data that passes between the users' computers and their servers. Gmail do it and they say that the performance overhead of using https:// rather than http:// is negligible. Cost considerations aside, shouldn't the rest be following Gmail's lead?
Copyright© 2007 - 2009 www.ticproblemsolver.com - all rights reserved