subscribe: Posts | Comments

Social Media Security: Firesheep and other scary new developments

Comments Off on Social Media Security: Firesheep and other scary new developments

As always, there have been a variety of new stories swirling around social media and its discontents over the past week.  This week, the big stories have been all about security:

  1. Firesheep: A software developer created a Firefox extension that allows users to easily abscond with cookie information over Wi-Fi networks.  The creator claims that his invention is harmless.  Others argue that it violates wiretapping statutes.  Everyone agrees that it is a dramatic development, especially because half a million people downloaded it in the first week.  Perhaps that open Wi-Fi network doesn’t look so appealing anymore…
  2. A report circulatedthat Twitter, Facebook and others in the industry are not doing enough to combat security threats like, um, Firesheep.
  3. Sensing a theme, another developer announced “Idiocy” designed to hijack the computers of “unsafe” Twitter users and tell them that they’re…well…idiots.
  4. Random journalists and bloggers are now hijacking accounts, just to show that they can.  Now that waterboarding yourself has become passe, journalists have been forced to actually become tech savvy, apparently.  I will predict that we can look forward to Katie Couric using Firesheep to look at the Facebook account of Glenn Beck sometime during sweeps week.

So what does all of this mean?  It means that users of social media and — quite frankly — any non-encrypted website through public Wi-Fi networks need to strongly consider either using VPNs (virtual private networks) or encrypted connection programs like HTTPS Everywhere

This should hardly be a surprise, of course.  The earliest cyberspace sagas (like Neuromancer) were focused on hackers breaking into secured computer networks.  At this point, the hacker is a cultural archetype.  Now that everyone is on a computer network (social media has sped the trend to an almost surreal extent), it only makes sense that these efforts would be further democratized.  Now everyone can be a hacker.

This is not one of those stories that has a simple, happy ending.  Everyone needs to be aware, and everyone needs to be cognizant of the risks.  The sophistication of security measures increases no faster than the sophistication of folks who want to look at or steal your information.  As Prof. Moody would tell us, “constant vigilance” is the only recommended course of action — for all of us.