| By Woody Leonhard |
I’m happy to report that Hotmail finally — finally — offers an optional secure Internet connection.
There’s just one little problem: enabling secure Hotmail breaks other features and applications you might need.
The poster child for unsecured Web activities
In my Nov. 4 Top Story, I talked about how to secure your wireless connections so that prying eyes could not see everything you do on the Internet. I singled out Hotmail as an example of a site that does everything in the clear, allowing your mail to be read by any knowledgeable eavesdropper.
This appalling lack of secure transmissions hit home for many PC users about a month ago when Eric Butler released a Firefox add-in (info page) called Firesheep — an app that makes it a coupla-clicks easy to snoop on anybody connected to an open Wi-Fi system.
Since Eric’s add-in hit the stands, possibly thousands of Firesheep users have — while sitting in coffee shops, at work, and even at home — watched other peoples’ e-mail go by over open Wi-Fi connections or looked at other folks’ Facebook, Flickr, or Twitter entries. The threat goes beyond just watching; an eavesdropper can start acting like you, sending e-mail in your name, posting on Facebook walls, uploading pictures to your account.
There are three ways to prevent this personal-information theft called sidejacking: keep others out of the Wi-Fi router you’re using (hard to do in a public place), encrypt everything you do with something like a Virtual Private Network (the subject of my Nov. 4 Top Story), or confine your Web surfing to secure sites — ones that use the HTTPS protocol.