tag
Firesheep

Like FireSheep? You Will Love FireTweet!

OK, if some unimaginative journalist and/or editor can call a pair of bulging briefs “Weinergate” I can call this Twitter App “FireTweet”. Like Firesheep, Royal Test (FireTweet) is an attempt to demonstrate a privacy problem. Techcrunch reported this story and I have verified the privacy issue. Despite allegedly being unable to read private messages, applications

LinkedIn Security and The Rapture

What do these two topics have in common? More than you might think. The obvious is that neither has arrived yet. There is no proof of existence of either, you have to take it on faith. Neither will be here tomorrow… take my word for that. A story at http://www.reuters.com/article/2011/05/23/uk-linkedin-security-idUSLNE74M02820110523 explains how dreadfully poor security

Android’s Anomaly?

There are reports coming out today about Google Android and how approximately 99.7% of its users are potentially open to compromise.  This news cycle started by the Ulm University publishing some information on the 13th of May showing some results.  I'm sure this story will develop and CTAC may follow-up to my blog with more details;

Facebook’s Search and Destroy

An article came out yesterday from Clement Genzmer who is a security engineer at Facebook.  His tagline is "searching and destroying malicious links".  Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to

Facebook Fixes Flaw – Farmville Compromises Facebook

After the release of FireSheep, Facebook took an important step to help protect Facebook user accounts by allowing users to choose to keep an encrypted connection as long as they used just Facebook and intelligently designed apps. Savvy users immediately discovered that if they tried to use grossly insecure apps such as Farmville, 21 Questions,

Politicians Better at Security than Twitter, Yahoo, and Amazon

Recently Senator Schumer from New York wrote a letter (http://www.infosecurity-us.com/view/16328/senator-schumer-current-internet-security-welcome-mat-for-wouldbe-hackers/) to Twitter, Yahoo, and Amazon asking them to make SSL the default for internet connections. What this means is that instead of an http connection they should provide and https connection by default. This is important because with http connections you are exposed to risk

Change your Facebook account settings for better privacy and security

Update 6/1/2011: Paul Laudanski has published an extensive guide to Facebook privacy, which is quite a remarkable feat since there is precious little privacy on Facebook :) Little privacy, but a whole lot of settings! Check it out at http://blog.eset.com/2011/05/25/facebook-privacy Facebook comes up a lot in this blog. Recently I wrote about the Hidden Face

Encrypted Facebook Chat?

With the release of Firesheep the Firefox add on HTTPS Everywhere has increased in popularity as it helps ensure that your Facebook session is encrypted. Using Facebook over https breaks the chat on Facebook however. The other day a friend of mine initiated a chat with me on Facebook. Imagine my surprise since I was

Cookie Theft (SideJacking or Session Hijacking) for Normal People.

Yeah, usually these things are titled “for Dummies”, but you’re not a dummy if you don’t understand, you’re normal. This is related to the program “Firesheep” and I will attempt to make it very easy to understand the problem. The solution is a bit more complex. It all comes down to trust and discretion. Unfortunately

Let’s Pull the Wool Over Your Eyes

Recently a tool called “Firesheep” was released. Firesheep makes it so that virtually anyone can hijack Facebook, and some other accounts when they are being used on unsecured public wireless networks. Firesheep takes advantage of the fact that Microsoft, Facebook, Twitter, Yahoo, and scores of other companies really couldn’t care less about your privacy or

Why is Unsecured Wi-Fi So Risky?

I’m sure that at some point you have listened to the radio. A signal goes out and all radios in range can tune in to the broadcast. WI-FI is essentially a radio signal that transmits and receives data. The access point and your computer exchange information, but all computers with wireless capabilities can receive the

Firesheep, Idiocy, Ethics and the Law

This isn’t a highly technical post by any means, but in a follow up I will explain some basics for less technical users and provide some information on protection. Recently a Firefox extension called Firesheep was released. Firesheep makes account hijacking easy enough that highly unskilled users can do it. Here’s how it works. A

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.