So you’re using Mozilla’s Firefox web browser, and you feel that glow of confidence about you. That warm feeling that tells you that your web surfin’ is more secure than those other guys using that .. other web browser. More secure? Well…
It’s been a lazy past two days writing for me. I’ve rarely strayed further than my news feeds. So I do today as I did yesterday. And on this occassion, I happen upon an interesting topic over on David Bradley’s Science Text concerning Firefox security issues:
“Using certain Firefox addons, such as the popular Google, Facebook, and LinkedIn Add-Ons, could leave your computer open to hackers, according to security expert and Indiana University graduate student in informatics Christopher Soghoian…”
The list is littered with some big names, which is a cause for concern itself. You’d expect the big guys to get that stuff right, wouldn’t you?
“This possibility exists whenever the user cannot trust their domain name server (DNS) or network connection. Examples of this include public wireless networks, and users connected to compromised home routers,” says Soghoian…”
The implications here are immense. Quite sobering, in fact.
Good job I’m using OpenDNS then, isn’t it?
Additionally, this could be the very tip of a whole new class of Internet fraud.
Quite aside from the security vulnerabilities of the Add-Ons for Firefox, it’s the DNS issues that concern me the most.
It’s through these connections to the Internet that all kind of crazy things could happen, not least criminal activities.
Right now, moves are afoot in the USA to make wireless access a municipal service. The traveler, the business man & woman, the kids with the open parkland in a major town or city, municipal wireless access is is a real boon. You can access the Internet wirelessly and not have to worry about cables and stuff.
Your network is wherever you are.
Sounds almost like a slogan, doesn’t it?
Problem is, your chances of being violated by some virtual villain wherever there’s an open wireless network could potentially increase greatly.
Here’s where security vulnerabilities and the exploitation thereof could very well get all up-close & personal.
What’s to stop some entrepreneurial Internet fraudster setting up their own wireless networks? We’ve all heard of Wardriving, right?
“Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle using a Wi-Fi-equipped computer, such as a laptop or a PDA, to detect the networks.”
Right now, this kind of thing is probably only economical for the criminals if they target large commercial districts with weak or totally insecure wireless networks.
But what happens when we have municipal wireless networking? Pulling people out of their homes, onto street corners, cafes, parks, busses, or almost anywhere within range of a wireless signal.
Suddenly, the economics shift in favour of this cabal or criminals free of cables, wirelessly wandering through the web, wondering whose laptop to lurk inside and steal sensitive stuff from next…