If you use public Wi-Fi, you need to be aware of the potential dangers to your data and passwords. Firesheep has widened the risk by providing a snooping tool that’s easy to use. Just a few minutes exposure to a Firesheep user with evil intent can be devastating to your privacy.
When I use public Wi-Fi, I use Firefox as my browser, and I use an extension called HTTPS Everywhere. Firesheep cannot see what you’re doing if you’re using secure HTTP, aka HTTPS. HTTPS Everywhere helps.
You can also tell Facebook and Gmail to always use HTTPS. Facebook’s settings are fairly fluid and changing, but right now, you can access the setting by choosing Account – Account Settings — Account Security — Change, and ticking Browse Facebook on a secure connection (https) whenever possible.
I keep the mail option enabled, as well. This provides an additional element of protection in case someone else signs in as me. It hasn’t happened yet, but if I do receive an email saying that an unfamiliar computer or mobile devices logs into my Facebook account, I will use the Also Active section’s “end activity” links to end the unauthorized activity, and then change my password immediately! The Account Activity section is also found in the Account Security section of your Facebook settings.
In Gmail, the HTTPS setting is provided in the General tab of your settings. To get to your settings, click the gear icon next to your name in the upper right corner, and choose Mail settings.
In the General section of settings, under Browser connection, tick Always use https. That way, even if you don’t have Firefox and use HTTPS Everywhere—or if you have it turned off—Gmail will at least remember to be secure for you.
A final precaution I’ll offer is to just say “No” anytime an application or popup window says it can’t do something because of your HTTPS settings, and offers to turn the setting off for you. This happens frequently with many Facebook applications. If you say Yes to such offers in Facebook, it then goes into your Account Security settings for Facebook and removes the check next to Browse Facebook on a secure connection (https) whenever possible. If you accidentally say yes, then immediately go to your settings and re-enable this.
Does this mean you won’t be able to use some Facebook applications? Yes. That’s what it means. But, it also means that you probably shouldn’t be using those insecure applications to begin with.
For another good article on Wi-Fi safety, see Bob Sullivan’s 5 Traps: How do I use public Wi-Fi safely? – The Red Tape Chronicles – msnbc.com.