

{"id":187,"date":"2011-02-23T20:04:05","date_gmt":"2011-02-24T01:04:05","guid":{"rendered":"http:\/\/rud.is\/b\/?p=187"},"modified":"2018-03-10T07:52:58","modified_gmt":"2018-03-10T12:52:58","slug":"herding-firesheep","status":"publish","type":"post","link":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/","title":{"rendered":"Herding [Fire]sheep"},"content":{"rendered":"<p>By now, many non-IT and non-Security folk have heard of <a href=\"http:\/\/codebutler.com\/firesheep\">Firesheep<\/a>, a <a href=\"http:\/\/codebutler.github.io\/firesheep\/\">tool <\/a> written by @codebutler which allows anyone using Firefox on unprotected networks to capture and hijack active sessions to popular social media sites (and other web sites). The sidebar\/extension puts an attractive and easy-to-understand GUI over a process that &#8220;real&#8221; security people have been using for as long as there have been http-based sessions.<\/p>\n<p>I&#8217;ve been using Firesheep quite a bit in non-echo-chamber demos to help illustrate some of the core issues facing enterprises and individual users. A big question that comes out of each demo is &#8220;what can I do to safeguard my access to Facebook?&#8221;. I provide quick guidance on-the-spot to interested individuals and wanted to share what I communicate to them here both to help a broader audience and get feedback on other steps users can take to safeguard their connections.<\/p>\n<h2>General Guidance<\/h2>\n<p>The first action I tell users to take is an anti-action: <em>if at all possible, <strong>never <\/strong> use free\/unsecured Wi-Fi connections<\/em>. While there <em>are<\/em> ways of grabbing sessions and other data on wired or secure Wi-Fi networks, the means to do so are beyond the capabilities of most Firesheep users. 
The danger is still present and you should always consider how much you trust the network you are on when accessing anything on the Internet, but the risk is greatly diminished.<\/p>\n<p>If users are unable or unwilling to follow that first action (and even if they do avoid insecure networks) I then instruct them to <em>ensure that all services they access always use &#8220;<code>https<\/code>&#8221;<\/em> (SSL\/TLS) which encrypts the communication and prevents tools like Firesheep from working. It still &#8211; much like the first action &#8211; doesn&#8217;t stop determined &amp; skilled attackers.<\/p>\n<p>I then caution users on smartphones and tablets to also <em>make sure any <strong>applications <\/strong>they use also communicate over SSL<\/em>. This is far too easy to overlook and can leak data just as easily as a web browser. Tablet &amp; smartphone users can also switch to only using 3G connections to make it that much more difficult for others to eavesdrop.<\/p>\n<p>Finally, I suggest <em>using a virtual private networking (VPN) service<\/em> such as <a href=\"https:\/\/www.purevpn.com\/\">PureVPN<\/a> to secure all their connections &#8211; not just browser sessions &#8211; on public networks (secured or otherwise). SSL\/TLS connections are potentially susceptible to what is called a man-in-the-middle (MITM) attack [<a href=\"https:\/\/www.sans.org\/reading-room\/whitepapers\/threats\/ssl-man-in-the-middle-attacks-480\">SANS Reading Room<\/a> (PDF)] and one way to mitigate that threat is to use a VPN to secure all network communication using a more robust\/holistic solution. 
PureVPN (and other, similar good services) are not free, but $5.00-10.00USD per month is not much to pay for personal data security on-the-go.<\/p>\n<h2>The Elephant In The Room<\/h2>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif?resize=249%2C249&#038;ssl=1\" title=\"\" class=\"alignright\" width=\"249\" height=\"249\" \/>For some reason, even with that general guidance, the whole concept of someone hijacking their Facebook account really scares folks and many end up asking specific questions on ensuring their Facebook access is protected. This usually involves walking them through how to check to see if SSL is enabled by Facebook&#8217;s service and also how to monitor access to their Facebook account.<\/p>\n<p>Unsurprisingly, Facebook does not make setting SSL as a default an easy task. It&#8217;s unintuitively not under any &#8220;privacy&#8221; settings. Instead, you need to navigate down to account settings and poke around to get to the right areas. The screen captures below show the navigation sequence. 
You&#8217;ll notice that this account does not have security enabled since it&#8217;s the one I use for demos (I do not have a personal Facebook account).<\/p>\n<div style=\"text-align:center\">\n                <a href='\/b\/wp-content\/uploads\/2011\/02\/IMG_0017.png' title='Getting to Facebook Account Settings'><img loading=\"lazy\" decoding=\"async\" width=\"150\" height=\"146\" src=\"\/b\/wp-content\/uploads\/2011\/02\/IMG_0017.png\" class=\"attachment-thumbnail\" alt=\"Getting to Facebook Account Settings\" title=\"Getting to Facebook Account Settings\" \/><\/a> <\/p>\n<p>                <a href=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2011\/02\/IMG_0018.png?ssl=1\" title=\"Location of Facebook Account Security Settings\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"150\" height=\"55\" src=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2011\/02\/IMG_0018.png?resize=150%2C55&#038;ssl=1\" class=\"attachment-thumbnail\" alt=\"Location of Facebook Account Security Settings\" title=\"Location of Facebook Account Security Settings\" \/><\/a> <\/p>\n<p>                <a href=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2011\/02\/IMG_0016.png?ssl=1\" title=\"Facebook SSL Settings\"><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" width=\"150\" height=\"137\" src=\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2011\/02\/IMG_0016.png?resize=150%2C137&#038;ssl=1\" class=\"attachment-thumbnail\" alt=\"Facebook SSL Settings\" title=\"Facebook SSL Settings\" \/><\/a>\n        <\/div>\n<p>You&#8217;ll also notice that you can have Facebook send you an e-mail when there is an access to your account from an unknown device and also review recent activity on your account. This gives you the ability to be in control as much or as little as you desire.<\/p>\n<h2>Homeward Bound<\/h2>\n<p>I usually close with guidance on securing your home Wi-Fi network. 
Many users still have an aging 802.11b\/g router that barely does wired-equivalent-privacy (WEP) security. Even newer Wi-Fi equipment with Wi-Fi Protected Access (WPA\/WPA2) may not be enough as you or someone else in your house most likely hand out the access password to any guest you allow in the residence. Any malware on their systems now has the potential to infect other systems on your network and you have also given the keys to your local security to someone you may not fully trust. Many of the newest Wi-Fi access points &#8211; such as <a href=\"https:\/\/www.amazon.com\/gp\/product\/B002TLTG9E?ie=UTF8&amp;tag=rudisdotnet-20&amp;linkCode=as2&amp;camp=1789&amp;creative=390957&amp;creativeASIN=B002TLTG9E\">Apple AirPort Extreme<\/a>s and <a href=\"https:\/\/www.amazon.com\/gp\/product\/B002HWRJY4?ie=UTF8&amp;tag=rudisdotnet-20&amp;linkCode=as2&amp;camp=1789&amp;creative=390957&amp;creativeASIN=B002HWRJY4\">Netgear N[3|6]00<\/a>s &#8211; provide for the ability to set up both a protected internal network and as open of a guest network as you want. I still suggest ensuring that the guest network be secured as <a href=\"https:\/\/www.sans.org\/newsletters\/newsbites\/newsbites.php?vol=12&amp;issue=38#sID201\">you may be liable<\/a> for any actions taken from your network (protected or otherwise).<\/p>\n<h2>Highway Safety<\/h2>\n<p>Being safe[r] on the Internet is much like being safe[r] when driving a car. You need to make sure the fluids are at the right levels, that the tire pressure is sufficient for the driving conditions and that you wear your seatbelt before leaving the driveway. If you don&#8217;t regularly perform those tasks you run the risk of significant problems out on the road. You need to get in the habit of doing similar checks when navigating in potentially dangerous network territory as well. 
It doesn&#8217;t help that Facebook cares not a whit about your privacy or security and will seemingly randomly change your settings if it benefits them (or if they are just their usual incompetent selves). <a href=\"https:\/\/www.f-secure.com\/weblog\/archives\/00002106.html\">Want proof<\/a>? You have to be diligent in the maintenance of all Internet security settings to ensure your consistent, personal online safety.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>By now, many non-IT and non-Security folk have heard of Firesheep, a tool written by @codebutler which allows anyone using Firefox on unprotected networks to capture and hijack active sessions to popular social media sites (and other web sites). The sidebar\/extension puts an attractive and easy-to-understand GUI over a process that &#8220;real&#8221; security people have [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"","footnotes":""},"categories":[3,52],"tags":[281,280,100,256,265,276,285,268,178,278,291,270,267,290,286,293,106,194,277,272,273,271,284,283,274,741,288,275,266,289,747,269,279,282,292,287],"class_list":["post-187","post","type-post","status-publish","format-standard","hentry","category-information-security","category-social-networking","tag-3g","tag-aging-802-11bg-router","tag-computer-network-security","tag-cryptographic-protocols","tag-facebook","tag-guest-network","tag-gui","tag-highway-safety-being","tag-http","tag-insecure-networks","tag
-internet","tag-internet-security-settings","tag-man-made-disaster","tag-nintendo-wi-fi-connection","tag-not-make-setting-ssl","tag-online-social-networking","tag-password","tag-pdf","tag-personal-online-safety","tag-protected-internal-network","tag-public-networks","tag-similar-good-services","tag-smartphone","tag-smartphones","tag-social-media-sites","tag-ssl","tag-tunneling-protocols","tag-unknown-device","tag-usd","tag-virtual-private-network","tag-vpn","tag-web-browser","tag-wep","tag-wi-fi","tag-wireless-access-point","tag-wireless-networking"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Herding [Fire]sheep - rud.is<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Herding [Fire]sheep - rud.is\" \/>\n<meta property=\"og:description\" content=\"By now, many non-IT and non-Security folk have heard of Firesheep, a tool written by @codebutler which allows anyone using Firefox on unprotected networks to capture and hjijack active sessions to popular social media sites (and other web sites). 
The sidebar\/extension puts an attactive and easy-to-understand GUI over a process that &#8220;real&#8221; security people have [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/\" \/>\n<meta property=\"og:site_name\" content=\"rud.is\" \/>\n<meta property=\"article:published_time\" content=\"2011-02-24T01:04:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-03-10T12:52:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif\" \/>\n<meta name=\"author\" content=\"hrbrmstr\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"hrbrmstr\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/\"},\"author\":{\"name\":\"hrbrmstr\",\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\"},\"headline\":\"Herding [Fire]sheep\",\"datePublished\":\"2011-02-24T01:04:05+00:00\",\"dateModified\":\"2018-03-10T12:52:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/\"},\"wordCount\":952,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\"},\"image\":{\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif\",\"keywords\":[\"3G\",\"aging 802.11b\/g router\",\"Computer network security\",\"Cryptographic 
protocols\",\"Facebook\",\"guest network\",\"GUI\",\"Highway Safety Being\",\"http\",\"insecure networks\",\"Internet\",\"Internet security settings\",\"Man-Made Disaster\",\"Nintendo Wi-Fi Connection\",\"not make setting SSL\",\"Online social networking\",\"Password\",\"PDF\",\"personal online safety\",\"protected internal network\",\"public networks\",\"similar good services\",\"smartphone\",\"smartphones\",\"social media sites\",\"SSL\",\"Tunneling protocols\",\"unknown device\",\"USD\",\"Virtual private network\",\"VPN\",\"web browser\",\"WEP\",\"Wi-Fi\",\"Wireless access point\",\"Wireless networking\"],\"articleSection\":[\"Information Security\",\"Social Networking\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/\",\"url\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/\",\"name\":\"Herding [Fire]sheep - 
rud.is\",\"isPartOf\":{\"@id\":\"https:\/\/rud.is\/b\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif\",\"datePublished\":\"2011-02-24T01:04:05+00:00\",\"dateModified\":\"2018-03-10T12:52:58+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#primaryimage\",\"url\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif?fit=249%2C249&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif?fit=249%2C249&ssl=1\",\"width\":\"249\",\"height\":\"249\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/rud.is\/b\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Herding [Fire]sheep\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/rud.is\/b\/#website\",\"url\":\"https:\/\/rud.is\/b\/\",\"name\":\"rud.is\",\"description\":\"&quot;In God we trust. 
All others must bring data&quot;\",\"publisher\":{\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/rud.is\/b\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886\",\"name\":\"hrbrmstr\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\",\"url\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\",\"width\":460,\"height\":460,\"caption\":\"hrbrmstr\"},\"logo\":{\"@id\":\"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1\"},\"description\":\"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7\",\"sameAs\":[\"http:\/\/rud.is\"],\"url\":\"https:\/\/rud.is\/b\/author\/hrbrmstr\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Herding [Fire]sheep - rud.is","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/","og_locale":"en_US","og_type":"article","og_title":"Herding [Fire]sheep - rud.is","og_description":"By now, many non-IT and non-Security folk have heard of Firesheep, a tool written by @codebutler which allows anyone using Firefox on unprotected networks to capture and hjijack active sessions to popular social media sites (and other web sites). The sidebar\/extension puts an attactive and easy-to-understand GUI over a process that &#8220;real&#8221; security people have [&hellip;]","og_url":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/","og_site_name":"rud.is","article_published_time":"2011-02-24T01:04:05+00:00","article_modified_time":"2018-03-10T12:52:58+00:00","og_image":[{"url":"https:\/\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif","type":"","width":"","height":""}],"author":"hrbrmstr","twitter_card":"summary_large_image","twitter_misc":{"Written by":"hrbrmstr","Est. 
reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#article","isPartOf":{"@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/"},"author":{"name":"hrbrmstr","@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"headline":"Herding [Fire]sheep","datePublished":"2011-02-24T01:04:05+00:00","dateModified":"2018-03-10T12:52:58+00:00","mainEntityOfPage":{"@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/"},"wordCount":952,"commentCount":2,"publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"image":{"@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#primaryimage"},"thumbnailUrl":"https:\/\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif","keywords":["3G","aging 802.11b\/g router","Computer network security","Cryptographic protocols","Facebook","guest network","GUI","Highway Safety Being","http","insecure networks","Internet","Internet security settings","Man-Made Disaster","Nintendo Wi-Fi Connection","not make setting SSL","Online social networking","Password","PDF","personal online safety","protected internal network","public networks","similar good services","smartphone","smartphones","social media sites","SSL","Tunneling protocols","unknown device","USD","Virtual private network","VPN","web browser","WEP","Wi-Fi","Wireless access point","Wireless networking"],"articleSection":["Information Security","Social Networking"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/","url":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/","name":"Herding [Fire]sheep - 
rud.is","isPartOf":{"@id":"https:\/\/rud.is\/b\/#website"},"primaryImageOfPage":{"@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#primaryimage"},"image":{"@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#primaryimage"},"thumbnailUrl":"https:\/\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif","datePublished":"2011-02-24T01:04:05+00:00","dateModified":"2018-03-10T12:52:58+00:00","breadcrumb":{"@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#primaryimage","url":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif?fit=249%2C249&ssl=1","contentUrl":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2011\/02\/facebook-icon1.gif?fit=249%2C249&ssl=1","width":"249","height":"249"},{"@type":"BreadcrumbList","@id":"https:\/\/rud.is\/b\/2011\/02\/23\/herding-firesheep\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/rud.is\/b\/"},{"@type":"ListItem","position":2,"name":"Herding [Fire]sheep"}]},{"@type":"WebSite","@id":"https:\/\/rud.is\/b\/#website","url":"https:\/\/rud.is\/b\/","name":"rud.is","description":"&quot;In God we trust. 
All others must bring data&quot;","publisher":{"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/rud.is\/b\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/rud.is\/b\/#\/schema\/person\/d7cb7487ab0527447f7fda5c423ff886","name":"hrbrmstr","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","url":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","contentUrl":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1","width":460,"height":460,"caption":"hrbrmstr"},"logo":{"@id":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2023\/10\/ukr-shield.png?fit=460%2C460&ssl=1"},"description":"Don't look at me\u2026I do what he does \u2014 just slower. #rstats avuncular \u2022 ?Resistance Fighter \u2022 Cook \u2022 Christian \u2022 [Master] Chef des Donn\u00e9es de S\u00e9curit\u00e9 @ @rapid7","sameAs":["http:\/\/rud.is"],"url":"https:\/\/rud.is\/b\/author\/hrbrmstr\/"}]}},"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p23idr-31","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":703,"url":"https:\/\/rud.is\/b\/2011\/12\/29\/three-resolutions-for-mac-os-x-users\/","url_meta":{"origin":187,"position":0},"title":"Three Resolutions For Mac OS X Users","author":"hrbrmstr","date":"2011-12-29","format":false,"excerpt":"In 2011, we saw a large increase in web site exploits that exposed private user data as well as a breakdown in the trust of SSL (for various reasons) and the introduction of real malware on to the OS X scene. 
If there were just three things I could ask\u2026","rel":"","context":"In &quot;Firewall&quot;","block_context":{"text":"Firewall","link":"https:\/\/rud.is\/b\/category\/firewall\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":7246,"url":"https:\/\/rud.is\/b\/2017\/11\/23\/black-cyber-tips-a-k-a-how-the-hrbrgrinch-ruined-christmas-shopping\/","url_meta":{"origin":187,"position":1},"title":"&#8220;Black&#8221;\/&#8221;Cyber&#8221; Tips (a.k.a. How the hrbrgrinch ruined Christmas shopping)","author":"hrbrmstr","date":"2017-11-23","format":false,"excerpt":"NOTE: This is mainly for those of us in the Colonies, but some tips apply globally. Black Friday \/ Cyber Monday \/ Cyber November \/ Holiday ?hopping is upon us. You're going to buy stuff. You're going to use digital transactions to do so. Here are some tips in a\u2026","rel":"","context":"In &quot;Cybersecurity&quot;","block_context":{"text":"Cybersecurity","link":"https:\/\/rud.is\/b\/category\/cybersecurity\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":589,"url":"https:\/\/rud.is\/b\/2011\/06\/14\/weis-2011-session-2-identity-social-networks-personalized-advertising-privacy-controls\/","url_meta":{"origin":187,"position":2},"title":"WEIS 2011 :: Session 2 :: Identity :: Social Networks, Personalized Advertising &#038; Privacy Controls","author":"hrbrmstr","date":"2011-06-14","format":false,"excerpt":"Catherine Tucker Presentation [PDF] Catherine's talk was really good. She handled questions well and is a very dynamic speaker. I'm looking forward to the paper. Twitter transcript #weis2011 Premise of the study was to see what impact privacy controls enablement\/usage have on advertising. It's an empirical study #data! 
#weis2011 click\u2026","rel":"","context":"In &quot;Information Security&quot;","block_context":{"text":"Information Security","link":"https:\/\/rud.is\/b\/category\/information-security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9584,"url":"https:\/\/rud.is\/b\/2018\/04\/13\/does-congress-really-care-about-your-privacy\/","url_meta":{"origin":187,"position":3},"title":"Does Congress Really Care About Your Privacy?","author":"hrbrmstr","date":"2018-04-13","format":false,"excerpt":"I apologize up-front for using bad words in this post. Said bad words include \"Facebook\", \"Mark Zuckerberg\" and many referrals to entities within the U.S. Government. Given the topic, it cannot be helped. I've also left the R tag on this despite only showing some ggplot2 plots and Markdown tables.\u2026","rel":"","context":"In &quot;Commentary&quot;","block_context":{"text":"Commentary","link":"https:\/\/rud.is\/b\/category\/commentary\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/04\/privacy-final.png?fit=1200%2C1045&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/04\/privacy-final.png?fit=1200%2C1045&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/04\/privacy-final.png?fit=1200%2C1045&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/04\/privacy-final.png?fit=1200%2C1045&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/rud.is\/b\/wp-content\/uploads\/2018\/04\/privacy-final.png?fit=1200%2C1045&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":588,"url":"https:\/\/rud.is\/b\/2011\/06\/14\/weis-2011-session-2-identity-the-inconvenient-truth-about-web-certificates\/","url_meta":{"origin":187,"position":4},"title":"WEIS 2011 :: Session 2 :: Identity :: The Inconvenient Truth About Web 
Certificates","author":"hrbrmstr","date":"2011-06-14","format":false,"excerpt":"Nevena Vratonjic Julien Freudiger Vincent Bindschaedler Jeane-Pierre Hubaux Presentation [PDF] Twitter transcript #weis2011 Overview of basic ssl\/tls\/https concepts. Asking: how prevalent is https, what are problems with https? #weis2011 Out of their large sample, only 1\/3 (34.7%) have support for https, login is worse! only 22.6% < #data! #weis2011 (me)\u2026","rel":"","context":"In &quot;Certificates&quot;","block_context":{"text":"Certificates","link":"https:\/\/rud.is\/b\/category\/certificates\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":127,"url":"https:\/\/rud.is\/b\/2011\/02\/14\/metricon-automated-incident-reporting\/","url_meta":{"origin":187,"position":5},"title":"Metricon: Automated Incident Reporting","author":"hrbrmstr","date":"2011-02-14","format":false,"excerpt":"Speaker: Juhaniu Eronen \"The Autoreporter Project\" - Background Goal: make finland mostly harmless to the rest of the internet (that's actually in the law - Protection of Privacy in Electronic Comms\/Finland) \u00a0 \/me: I'll need to put some verbiage around this tonight to give you a good picture of what\u2026","rel":"","context":"In &quot;Information Security&quot;","block_context":{"text":"Information 
Security","link":"https:\/\/rud.is\/b\/category\/information-security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/187","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/comments?post=187"}],"version-history":[{"count":0,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/posts\/187\/revisions"}],"wp:attachment":[{"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/media?parent=187"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/categories?post=187"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rud.is\/b\/wp-json\/wp\/v2\/tags?post=187"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}