You might have used a service like Strong Password Generator or something similar to pick a nice long password with a confusing combination, a ton of symbols and numbers. This sounds foolproof right?
What if I told you you’re wasting your time? What if I told you that if I wanted too I could go and hack into your Facebook, or any other of your accounts in a matter of seconds? Scary stuff, huh?
Every second people are getting their accounts broken into by not just hackers but normal people. How is this possible?
How To Hack Any Account In Seconds
Let me introduce you to a Firefox addon called FireSheep. What FireSheep does is it hi-jacks other peoples session and lets you use it. For instance close to all sites on the web store cookies on their servers. Now I am not talking about the chocolate chip type of cookies. Nope, these cookies save your preferred settings for sites, while other cookies have your username and password on them.
To break into someones account just open up FireSheep, click ‘Start Capturing’ and it will list all the users in your network that are currently logged on. For instance sites like GMail, Yahoo and Facebook will most likely appear.
So all you would have to do to is double click on a name or icon in FireSheep and I can access your account. All I did was steal your cookies and tricked the site into allowing me to log in.
From here I can do what ever I want. Post on your wall, message someone, or if I wanted even change your password. All this without me ever knowing what your password was and without leaving a trace.
Now before you go bashing on FireSheep, the creator of made it to warn sites like Facebook to cover holes in the sites and to stop HTTP session hi-jacking. Even though people might use it for wrong, that was not the original intention for it.
How To Protect Yourself
Like I said people will use FireSheep for the wrong things. So how do you protect yourself?
These is a Firefox addon called HTTPS Everywhere which encrypts your connection. For instance when you visit websites you are visiting them unencrypted or unprotected. This is because your visiting sites using HTTP. But, for example on websites where you have to enter private info (e.g Credit Cards, Social Security) they change HTTP to HTTPS.
What this basically means is that no one will be able to steal your info because its secure and encrypted.
Hopefully that all made sense, if not ask me your questions in the comment section below.
No comments:
Post a Comment