Yale ITS wants people to remain sheepish about their private information. ITS sent out an e-mail Tuesday warning students about a Firefox add-on, Firesheep, that can potentially compromise log-in details with Facebook, Twitter, and other popular online services.

Firesheep was released by Seattle web application and software developer Eric Butler to demonstrate how has easy it is to hijack online sessions. The add-on allows people on open Wi-Fi networks to potentially assume the network identity and log-in credentials of anyone else on that same network.

ITS gave pointers to prevent identity theft:

Firesheep is only a threat when a computer is connected to an “open” network (either unencrypted or using a shared key). Examples of open networks include coffee shops, YaleGuest and Yale wireless networks.

How to protect yourself:

  • Avoid public Wi-Fi networks that aren’t encrypted.
  • Do not use the YaleGuest or Yale wireless networks.
  • Use YaleSecure for wireless. Firesheep is not a security threat when connected to a secure encrypted (e.g. WPA/WPA2) Wi-Fi network (such as YaleSecure, YaleWPA/WPA2) or most wired switched Ethernet.
  • Use VPN services like vpntap.com if you absolutely must connect to a public Wi-Fi network.

The short answer to this question is yes, investing in a VPN is worth it, especially if you value online privacy and encryption while surfing the internet. VPNs, or virtual private networks, create a private network for one’s computer while using a public internet connection.

If only we were back in a time when people stole sheep, not log-ins.