Firesheep and social network security: What users need to know

Social network security is all the talk this month, as Firefox recently launched it’s Firesheep plugin.  In a nutshell, the new plugin makes it possible for users to hijack other people’s social network connections if they are using a public Wifi connection.

How does it work?  Most social networks, including Facebook,  authenticate clients with cookies. If someone is using a public WiFi connection, the cookies are sniffable. Firesheep uses wincap to capture and display the authentication information for accounts it sees, allowing the user to hijack a connection.

Sounds like a potential problem for social network users in airports, hotels and the other 1,000,000,000 places that offer public Wifi.  And how about businesses that employ remote agencies, consultants or employees to manage their social networks?

Fortunately, there are a few ways to protect yourself or your business from social network hijackers.  The most basic include:

1) Only visiting sites using HTTP Secure (beginning with https://), which make user cookies invisible to Firesheep.

2) Downloading the Firefox extension Force-TLS,  where you can assign and force which sites you want to use the HTTPS protocol.

3) Trying a program like HTTPS Everywhere, which forces every website you visit to use HTTPS protocol.

What about those who own or manage social network or other hijackable websites?  In order to protect your users and keep your website secure, try adding a SSL certificate to your website.  A Secure Link SSL certificate from No-IP.com shows visitors that your web site is safe for them to submit their personal data.  Regardless if you have a static or dynamic IP address or are running public or secure Wifi, No-IP offers the best value in SSL certificates.

Cyber security legislation: Necessary governance or unnecessary control?

Let’s face it–  the internet is a big, open, and sometimes scary place.  With all of it’s knowledge and  information sharing potential comes the threat of intellectual property loss, cyberattacks, and widespread security risks.  Still,  we rely on internet use every day for news, work and information of all sorts.  The rise of citizen and social media has created an open window to the state of the world we live in– Twitter has become our daily newspaper and blogs are the new memo pads.   Which is why (given the apparent risks involved) we can’t imagine completing many every day activities without it.

How would you feel if an organization had the power or authority to take control over or shut down this information for public safety?  What if they created a screen to protect us from explicit content like a parental control on cable tv?  Certain domains would be off limits like PG-13 or R ratings, or worse, the TV shuts off completely.  Would you begin to question the veracity or truth behind the internet?  Or wonder if our “open” web was starting to close?

These are questions many people are asking themselves as the recent “kill switch” bill works through US legislation.  The bill would essentially provide our government the authority to shut down the internet in times of crisis or attack.   It’s an interesting debate that has been brought up this year and continues to make headlines as new officials are voted into government this week.

Should we give up our web surfing freedom for protection from cyber attack?   What are your thoughts on issue of cyber security legislation?

How do you use No-IP DNS services?

Regardless if you have a dynamic or static IP address, No-IP DNS services ensure you reach your destination on-time, every-time. From basic website, blog or FTP hosting to remote device or PC access, the services are simple to use and difficult to ignore.

How do you benefit from using No-IP DNS services?

  • Ease of telecommuting with remote access to PC
  • Reliable hosting for my website, FTP site or blog
  • Increased connectivity to devices (i.e. game servers, security cameras, handhelds)

Please take the survey or share your comments below.

How Does Dynamic DNS Work?

A question we’re often asked by our customers is how does DDNS work?

Most people have dynamic IP addresses, which makes it difficult to access their network, website, or every-day devices (such as a home file server,  home automation system, or security camera).  To solve this issue, a DDNS service (Dynamic Domain Name Service) can supply a continually updated address, allowing the user to type in a constant, static, easy-to-remember name that ensures they will be connected.

What is a Domain Name Service?  DNS is like a white pages directory for the Internet. You supply a name, it supplies a number. The name, in this case, is specifically a hostname and the number is an IP address.

So how does it work?  Here’s an example:

John has a computer with a dynamic IP address running a webserver, and his friend Jane wants to see his web page.

1) John tells Jane that the hostname of his computer is john.ddns.net. Jane types http://john.ddns.net into her browser.

2) Her computer then contacts her ISPs DNS server to get the number for john.ddns.net.

3) Her ISP’s DNS server asks No-IP for the address of john.ddns.net.

4) She receives the number and connects to John’s web page.

5) To be sure Jane got the right number, John has an update client provided by No-IP running on his computer. This update client informs No-IP.com when his IP address changes so that Jane will get the right number. It assures that John’s often changing Internet address, his IP address, can always be found by Jane when she uses john.ddns.net. as the hostname.

 

10 Million and Counting…

A lot has changed since 1999– the Internet has transformed how people communicate and how businesses create value.   Kindles and iPads are quickly replacing books and magazines as knowledge and news sharing devices, and we as users are finding it more and more challenging to make the best decisions with our rapidly growing options.  The world is changing fast and we’ve got to be ready to move with it.

Lucky for us, some important things have remained the same.   Since our beginning, No-IP has had the same mission of providing cost effective, high quality web services for our customers using the latest technology.  And this month, we are proud to announce a new milestone– we’ve just hit our 10 million user mark.

We want to extend a sincere thank you to all of our customers- both new and old- for their continued support over the years.  And we hope you’ll celebrate the occasion with us.  For a limited time, we’re offering substantial savings off our Plus and Enhanced packages, giving you more reason to experience all the great benefits our DDNS  services have to offer.

Cheers to the next 10 million– and all the other untapped technology and internet inspiration the future has in store.

– The No-IP Team