Skip to main content


Using Meerkat to secure wireless web browsing

A hot topic in the news today is Firesheep, a Firefox web browser extension that takes advantage of a security vulnerability in many popular websites like Twitter and Facebook and allows you to login to those sites as any other user on the network! This makes use of the practice of exchanging login information for web browser cookies that are then used to gain access, but which on open networks are subject to interception and reuse by other parties.

Our SSH tunnel manager Meerkat has always supported the ability to secure your web browsing on open networks. It does this with what's called a SOCKS proxy. The basic idea is you tell Mac OS X to use a proxy server, your web browser proxies all website requests through this server, and the server makes the actual requests for information to the website. The connection between your browser and the proxy server is encrypted via SSH, providing a workaround to network-based snooping.

Here's how to set it up:

Step 1: Add an SSH account to Meerkat

If you have an SSH account through your web hosting provider or someplace else, add the details to a new Meerkat account. [screenshot]

Step 2: Add a tunnel to Meerkat that uses this account

Be sure to check the Dynamic forwarding option and choose a high port (something in the 6000-9000 range is ideal) for the tunnel. [screenshot]

Step 3: Configure a SOCKS proxy in Network settings

In the System Preferences application, choose Network, then the AirPort connection, then Advanced... settings. Choose the Proxies tab, then SOCKS Proxy, then enter as the hostname (this means the local computer, where the tunnel endpoint resides) and the port number from above. Choose OK, then Apply to apply the changes. [screenshot 1] [screenshot 2]

Step 4: Browse the web securely!

Just activate the tunnel in Meerkat. All web browser traffic will now go through the SSH account that you setup.

While these steps are a little involved, unfortunately web browser proxies aren't a simple procedure. One way that this can be automated is with Meerkat's free plugin for NetworkLocation, an application that can apply settings based on physical location changes. You can get the plugin in the NetworkLocation website's "Extras" section or from the sidebar on Meerkat's web page.

Have any questions about this? See the Meerkat support forums if you need a hand and we'll try to help out!

Happy -- and safe -- surfing!

Update: I've also heard tips from Meerkat users about setting their SOCKS tunnel to automatically start when using a particular web browser. Meerkat supports associating a tunnel with an app so that when the app stats, the tunnel is enabled and when it is quit, the tunnel is disabled. This is another great option to help with auto-configuration.

Twitter in review

Posted in

One service that I've absolutely come to love in the past year is Twitter. I was a bit skeptical of it at first when I was introduced to it at South By Southwest in March. I met Alex, formerly of DC and now one of Twitter's engineers, and chatted about it a bit, plus lots of my friends were using it, but it just didn't seem like it was worth any time that I would put in. I mean, I get blogs and other expressions of day-to-day happenings that get put online, but I really didn't think anyone would care that I was "heading out to get a coffee" or "having trouble getting this thing to work" while working throughout the day.

However, later in the year, Twitter gradually became an indispensable part of my workday. I now use it as a sounding board with my colleagues, many of whom also work at home, and it's as near as I can come to having them as officemates. While things like chatrooms and IRC have existed, I found that I would have to go into a sort of conversation "mode" in order to use them, making them my primary task, so I didn't bother since this was very distracting. Whereas with Twitter (and the wonderful Twitterrific combined with Growl) on the desktop, I see snippets of conversation go by and I can either tune them out for a period while concentrating or take a moment to catch up and maybe reply. I've found innumerable answers to questions, met new people, discovered interesting places to go, and I've been able to help others in the same ways over the past months. I very much agree with the Iconfactory's Gedeon:

Twitter has allowed me to stay in touch with dear friends from college that have long since moved away. Twitter gives me a sounding board to bounce ideas off peers, is a reliable source for general knowledge, and lets me stay on top of the latest breaking news from around the world. But perhaps more than anything, it allows me to connect with like-minded individuals.

Naturally when I saw this Twitter stats script, I was intrigued to see what my numbers looked like. Call it internet naval-gazing, but I find it interesting to see who I had conversations with and how useful Twitter was to me over time.

See below for the stats and a couple comments on them.

My top Twitter conversation partners

My top Twitter conversation partners
Mostly other Mac developers (click for larger screenshot)

My top Twitter conversation partners

My top Twitter reply recipients
Again, mostly other Mac developers (click for larger screenshot)

My Twitter usage by weekday

My Twitter usage by weekday
Not much unexplained data here (click for larger screenshot)

My hourly Twitter usage

My hourly Twitter usage
Looks like I start on Twitter after catching up in the morning, plus occasionally have some late nights (click for larger screenshot)

My Twitter monthly usage

My Twitter monthly usage
You can see how my Twitter use really took off around this year's C4 conference, slowed while I travelled three weeks of September for work & vacation, and then continued to grow through the end of the year (click for larger screenshot)

If you'd like to find out more about Twitter, you can start with their FAQ or follow their blog.

Thanks, Twitter! Here's to more great conversations in 2008.

Syndicate content