[News] [Discuss] [Search] [About] [Archives] [Options]

Facebook Is Insecure

All Alfred Essa's Facebook friends (including myself) received an 'urgent help needed' message from him over Facebook. It turns out, however, that the person in question was a scammer, having somehow hacked into Essa's account. In this post, Essa examines Facebook's login and determines that it does not use secure sockets layer (SSL). That is rather a surprise, and it means that if you are accessing Facebook over (say) a public wireless connection, your password can be lifted by someone 'sniffing' your communications. I've seen this before, where people hacked into people's blog accounts. As a general rule, do not log on to sites in public unless you know they are secure. Alfred Essa, The NOSE, January 28, 2009. [Link] [Tags: , , ] [Previous][Next]

Comments

Re: Facebook Is Insecure

Anymouse, January 28, 2009

It looks to me like Facebook does use SSL.

-Daniel Lemire [Comment] [Permalink] [Previous][Next]

Re: Facebook Is Insecure

Emma Duke-Williams, January 29, 2009

I think I must have read what I wanted to when I saw the title - I thought it said "Facebook is insincere" ... & decided you must have found something about the number of people that fib on it! [Comment] [Permalink] [Previous][Next]

Re: Facebook Is Insecure

http://ewout.org/, February 17, 2009

Yeah, Facebook does use SSL. Facebook may or may not be "secure" (actually, a very ill-posed question, need to look at threat-models and stuff) but it uses SSL for password sniffing protection in a completely standard way. [Comment] [Permalink] [Previous][Next]

Comment

You are not logged in. [Login]

Title
Description


Your comments remain your property, but in posting them here you agree to license under the same terms as this site (Creative Commons). If your comment is offensive it will be deleted.

Automated Spam-checking is in effect. If you are a registered user you may submit links and other HTML. Anonymous users cannot post links and will have their content screened - certain words are prohibited and your comment will be analyzed to make sure it makes sense.