In most free WiFi areas, users are vulnerable to hacking and sniffing. However it is possible to be safe from this only if the providers of this net set a password for their WiFi. For instance, a researcher who had traveled to Hong Kong found that most public parks had a government provided WiFi. Though he was warned beforehand to be careful when joining such open networks, he joined apprehensively. Upon reaching the welcome page he was guided to that networks encrypted adaptation with a password which was freegovwifi. Later, he found that this was in fact a government provided service introduced to protect logger from potential internet baddies.
This should become the norm for all intents and purposes when it comes to open internet networks. Even, Chet Wisniewski, a security researcher at Sopho believes that businesses such as Starbucks and hotels that provide free WiFi are putting their customers at a high risk of being hacked and attacked by giving open access to their network. By simply putting a password with the word free, the world can become a much better and safer place due to user information being kept safe and secure. However, this raises the question as to how valuable a password would be if just about everyone knows it? WPA2 argues that a unique encryption connected to every computer will hinder any two used from spying on each other’s traffic regardless of the fact that the access point being shared is the same.
Wisniewski’s proposed this idea after the launch of Firefox’s extension, Firesheep. It is software that makes sniffing sent cookies in an unencrypted WiFi network much easier. Firesheep basically scouts out other loggers and then on a bar to the side it lists the login details of the users it has identified. This allows users having Firesheep to log in at the same time and as those individuals immediately. However, there is an extension now called Blacksheep that can fight the Firesheep, but only people few people are aware of this, only those who are expert Firefox users and knew about the Firesheep may be in the know of this new safety measure, all others are subjected to a higher risk of violation.
While Wisniewski does not think of Firesheep as the best of approaches to make service providers realize the need for SSL or TLS in order to protect their users, but he agrees that it served its purpose. It is up to high profile businesses to take that certain precautionary measure for its customers, by putting a simple password that will safeguard the free internet networks, though this will not impede Firesheep from sniffing logins, it’s still a positive step forward.