Firefox Add-on squeezes out wi-fi hackers

Carnegie Mellon boffins release free fix for 'man in the middle' attacks

TODO alt text

It's a nasty old digital world out there, what with 'man in the middle' hackers intercepting your Wi-Fi signals and criminal gangs spoofing DNS entries to redirect banking traffic to compromised websites.

So a big round of applause for researchers at Carnegie Mellon University, who have just released an add-on for Firefox 3 that promises to restore your faith in the internet.

Perspectives employs a set of friendly sites that independently check whether they're receiving the same authentication information (digital certificates) from online banking, retail and other financial websites.

If one notary gets different information than the browser or other notaries, it is possible that an attacker has compromised the connection – either by 'spoofing' Domain Name System (DNS) entries or possibly because you've accidentally logged on to a malicous Wi-Fi hotspot pretending to a genuine provider. In either case, Perspectives will alert you.

Self-signing confusion

More annoying for many careful surfers, though, will be the regular stream of warnings that Firefox pops up for sites using self-signed certificates. Perspectives can handle these too, checking with notary sites that they are all receiving the same certificate information, and automatically over-riding Firefox's lengthy exception process.

"Perspectives provides an additional level of safety to browse the internet," says Adrian Perrig, associate professor of electrical and computer engineering and public policy at Carnegie Mellon. "To the security conscious user, that is a significant comfort." Or then again, perhaps it's a great big scam, with profs at the university hoping to supplement their meagre teaching income with some dodgy banking scams. Decide for yourself at www.cs.cmu.edu/ perspectives/firefox.html.