How-to Protect Your Facebook Account After Firefox Exposes Vulnerabilities

October 25, 2010

A new Firefox plugin has been released that exposes serious vulnerabilities in the security of many websites. The plugin, called Firesheep, uses a technique called "Session Hijacking" and allows its users to grab login information for users on public wifi networks. Although this technique has been around for quite some time, this plugin makes it far more accessible to the casual user.

Eric Butler, the plugin's developer, explains: "After installing the extension you'll see a new sidebar. Connect to any busy open wifi network and click the big "Start Capturing" button. Then wait. As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed. Double-click on someone, and you're instantly logged in as them. That's it."

For anyone who accesses private social media websites on public wifi networks, this can be very troubling. Luckily, there is a very important tool available that can help users protect themselves from getting their login information hijacked. The web already has an encryption protocol in place called Secure Sockets Layer (SSL). You may already be familiar with it, as many e-commerce sites use it to protect transactions. You can identify a site that uses SSL by looking at the URL prefix: if it has https:// rather than just http://, it is using SSL.

SSL can help prevent your information from being leaked through Session Hijacking. Luckily, many sites have already implemented SSL, but many users are unaware of it. It is a good idea to make a habit of accessing Facebook through the secure URL rather than the normal one.

Do this: https://facebook.com

Not this: http://facebook.com

In addition, there is another Firefox plugin called HTTPS Everywhere that will try to force all the websites you visit to use SSL. Now that you are aware of these vulnerabilities, take steps to protect your data and Facebook worry-free.
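
An added example, not part of the original post and not code from Firesheep or HTTPS Everywhere: a small Python check that reads a site's response headers and reports when a login cookie could travel without SSL. It assumes the site keeps you logged in with a cookie (the usual mechanism, which the post does not go into); the function names and the example.test responses are constructed for illustration.

```python
"""Audit constructed HTTP responses for cookies that can leak on open wifi."""
from urllib.parse import urlsplit


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, set of lowercase attribute names)."""
    parts = [p.strip() for p in header_value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def audit_response(url, headers):
    """Return a list of findings for one response.

    headers is a list of (name, value) pairs, because a single response
    can carry several Set-Cookie headers.
    """
    findings = []
    https = urlsplit(url).scheme.lower() == "https"
    if not https:
        findings.append("page itself loaded without SSL: " + url)
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        cookie, attrs = parse_set_cookie(value)
        if not https:
            findings.append("cookie '%s' was sent in the clear" % cookie)
        elif "secure" not in attrs:
            # Without Secure, the browser also attaches the cookie to any
            # later http:// request to the same site, where it can be read.
            findings.append("cookie '%s' lacks Secure" % cookie)
    return findings


# Constructed sample responses (example.test is a placeholder host).
SAMPLES = [
    ("http://example.test/home", [("Set-Cookie", "session=abc123; Path=/")]),
    ("https://example.test/home", [("Set-Cookie", "session=abc123; Path=/; HttpOnly")]),
    ("https://example.test/home", [("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly")]),
]

if __name__ == "__main__":
    for url, headers in SAMPLES:
        print(url, audit_response(url, headers) or "no findings")
```

The second sample is the case a tool like HTTPS Everywhere helps with: the page loads over https://, but the cookie is not marked Secure, so one stray http:// request would still expose it.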

Posted by: Adrian Mummey
Posted on: October 25, 2010