How To Protect Against Firesheep Attacks

Monday we mentioned Firesheep, a plug-in that trivializes ID spoofing on social networks. Since then various security researches have come out to suggest How to Protect Yourself against Firesheep Attacks (submitted by Batblue). Of course the advice is pretty obvious: Don't use free Wi-Fi, use SSL, or a VPN. It seems to me that the big sites should start by redirecting all non-SSL traffic to https automatically. If you want to be insecure, you'd have to explicitly state that you can't encrypt for some reason.

Re:Let's just encrypt everything all the time

[Bert64]

You can get a wildcard certificate relatively cheaply which would be valid for any subdomain of slashdot.org, StartSSL charge $50 for 2 years for instance (and they offer normal non wildcard certs for free).