The Firesheep plug-in for Firefox has done an admirable job of illustrating the insecurity of public Wi-Fi, just as its creators intended. Now that it’s out there in the wild, however, the question for users is how to protect their sensitive information.
On the Windows side, pretty much all we’ve seen so far have been tools that simply alert you when Firesheep is being used on the network you’re connected to. Unfortunately, they don’t go beyond that to actually protect your data.
For Linux users, however, the situation is better. A free new solution from security firm Sophos lets users of the open source operating system “browse over unencrypted Wi-Fi access points with no more risk than you’d browse at home,” according to its blog post from earlier today.
It takes only 60 seconds to set up, even for users on the road, and it works even if you’re already working over unencrypted Wi-Fi, the company says.
Sophos’s solution centers on a 120-line Python http proxy hosted at a URL in Japan. Users begin by visiting that URL and then cutting and pasting the proxy into an editor and saving it, resulting in a 4500-byte file.
Next, users secure-copy that file onto the shell server on their home network so they can run the proxy remotely, away from the insecure Wi-Fi network. They then start that proxy with an encrypted SSH tunnel so they can send and receive the http content securely from that insecure Wi-Fi network to their home network, where the browsing requests will actually take place.
In Video: Big Security for Small Business
Users then simply tell their browser that they’re going to surf over that SSH tunnel to the remote proxy, effectively allowing them to browse the Web from the airport or wherever via the security of their home network.
A YouTube video demonstrates the process involved, including the specific commands and Firefox settings.
The Linux Advantage
Linux users already enjoy many widely acknowledged security advantages over their Windows counterparts, so it’s nice to see one more such benefit in the world of Wi-Fi.
As for Windows users? They’d probably do well to consider Wi-Fi alternatives such as tethering or MiFi, at least when dealing with sensitive data.