Interesting post about using public wifi connections is dangerous even when using https connections. The only way is VPN. It’s a shame that VPN will mean nothing to non-geeks- it needs to be made easier for people to use and we need to communicate the security concerns to people.
Originally shared by Derek Ross
[Security]
Another reason to always use a VPN if you absolutely must connect to an Open WiFi network. (WPA2 Enterprise is your only safe bet.)
A new variant of Firesheep has surfaced. Firesheep allows users to easily exploit unencrypted network traffic if they are sharing the same WiFi hotspot as you. The new version is aimed at exploiting Google’s Web History feature.
Although you need to be logged in to make use of Web History, it does not require an encrypted (HTTPS) connection. This flaw can allow attackers to find out what you’ve been searching for, who your social contacts are and who’s in your Gmail address book.
Don’t know what Firesheep is? More info here: http://goo.gl/yEcU, http://goo.gl/lUhNq
