shearing firesheep with the cloud

Eugen Leitl eugen at
Fri Dec 3 08:56:18 PST 2010

(old hat, but posting the recipe doesn't hurt) 

Shearing FireSheep with the Cloud

Friday 3 December 2010 - Filed under Apple + Cloud + EC2 + Encryption +
Privacy + wireless

If your laptop ever connects to a network behind enemy lines (e.g. hhonors,
attwifi, panera), this post is for you. The step-by-step directions below
allow you to stand up a portable, cloud-based private VPN that you can use
from anywhere b for around $0.50 a month. Once you get everything setup, you
can feel good connecting to a hotspot and laugh at the guy running FireSheep.

Speaking of Firesheep, Ibve actually had some people close to me (including
my wife) ask how they can prevent these types of attacks from happening.
There are some nice boff-the-shelfb solutions like HTTPS Everywhere and
BlackSheep but as a security professional I wanted to give a recommendation
that would provide broader coverage than these solutions.

Enter Amazonbs recently introduced Free Tier for EC2. Ibll save my thoughts
and comments on bThe Cloudb and security for a later date (and after a couple
of beers), but for the purposes of this solution, it works great to help you
increase your security while using open wireless networks. Quite simply, the
solution I came up with was to create an EC2 instance with Ubuntu 10.04 LTS
server and setup OpenVPN and SideStep. This allows me to route all of my
traffic over an SSL or SSH VPN to my EC2 instance and then out to the


More information about the Testlist mailing list