TORONTO - A year and a half after a well-intentioned software developer revealed that anyone can easily hack into Facebook profiles while using free Wi-Fi networks, the security breach is still very much in play.
Every time you use a free unsecured wireless network in public — one that doesn't require a password to log in — a fellow user could be waiting for you to log into Facebook, Twitter or a blogging platform so they can take over the account with a simple click. Even some password-protected networks could be open to attack, depending on the level of encryption the operator selected.
The free hacking tool is called Firesheep and although some major websites have altered their security platforms to fight against it, many users are still exposed to the threat.
Facebook, Twitter and some other sites have addressed the vulnerability by implementing better security — known as HTTPS, which thwarts Firesheep and other hacking tools — but it's not a default setting and not all users know they can turn it on.
Toronto-based Chris Houston was well aware of the security risks every time he did business on the road, which inspired him to launch SurfEasy, a type of USB stick that enables secure, encrypted web surfing on any network.
"I came up with the idea really because I was looking for the solution myself," said Houston.
"It always kind of bothered me that the information I'd be sending across all the different networks I was using (could be vulnerable) and who might be looking at that. So I started to think of a solution ... where I could protect the privacy of the information I was accessing and sending across those networks and leave that computer and not have anything left behind."
When SurfEasy is plugged into a USB port of a PC or Mac, it opens up a special browser that encrypts all the data that's sent and received while using the Internet, including usernames and passwords, emails and web history.
It sells for $59.99 and includes up to two gigabytes of data encryption a month, which is plenty for basic web surfing without streaming a lot of audio or video.
The product was launched on the crowd-funding website Kickstarter, with Houston seeking a $12,500 investment from web users. In exchange for a $50 donation, supporters would get one of the first SurfEasy units out of production. The fundraising campaign ended up earning nearly $70,000 with almost 1,100 users pledging their support.
"We got some early indications that there was a lot of interest for this type of product and on Kickstarter, we had just phenomenal success," he said, "it was about eight times what we projected it to do."
Houston is primarily targeting consumers and small- to medium-sized businesses as the full commercial launch of SurfEasy is now being launched.
"There's things that have been out there for enterprises to secure their mobile workforce, there's stuff for the uber geek who's comfortable hacking together their own thing, but there wasn't anything good I saw that was a consumer plug-and-play easy to use solution," he said.
"We wanted to make it accessible and in the range of what we thought was affordable to the consumer."
Facebook and Twitter users can better protect their digital security by turning on HTTPS browsing. On Facebook, click on Account Settings, the Security tab, and then enable Secure Browsing. On Twitter, click on Settings, and enable Always use HTTPS.