
Hack facebook account


Firesheep

Firesheep is an open source Firefox extension that can be used to hijack HTTP sessions. When logging into a website you usually start by submitting your username and password. The server then checks to see if an account matching this information exists and if so, replies back to you with a "cookie" which is used by your browser for all subsequent requests.
It's extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called "sidejacking") is when an attacker gets a hold of a user's cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.
This is a widely known problem that has been talked about to death, yet very popular websites continue to fail at protecting their users. The only effective fix for this problem is full end-to-end encryption, known on the web as HTTPS or SSL. Facebook is constantly rolling out new "privacy" features in an endless attempt to quell the screams of unhappy users, but what's the point when someone can just take over an account entirely? Twitter forced all third party developers to use OAuth then immediately released (and promoted) a new version of their insecure website. When it comes to user privacy, SSL is the elephant in the room.
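A site owner can check for the exposure described above by auditing response headers. The following is an added example, not part of the original post or of Firesheep: it flags session cookies that are set over plain HTTP or without the `Secure` attribute, and HTTPS responses that lack HSTS. The function names, the `example.test` host and the sample headers are constructed for illustration.

```python
from urllib.parse import urlsplit

def parse_set_cookie(value):
    """Return (cookie_name, set_of_lowercased_attribute_names)."""
    parts = [p.strip() for p in value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs

def audit_response(url, headers):
    """Return findings for one HTTP response (headers: list of (name, value))."""
    scheme = urlsplit(url).scheme.lower()
    findings = []
    hsts = any(n.lower() == "strict-transport-security" for n, _ in headers)
    for n, v in headers:
        if n.lower() != "set-cookie":
            continue
        cookie, attrs = parse_set_cookie(v)
        if scheme != "https":
            # The cookie itself crosses the network in cleartext.
            findings.append((cookie, "set over plain HTTP"))
        elif "secure" not in attrs:
            # Encrypted login, but the browser will attach the cookie to
            # any later http:// request to the same host.
            findings.append((cookie, "missing Secure: sent on later http:// requests"))
    if scheme == "https" and not hsts:
        findings.append(("-", "no Strict-Transport-Security header"))
    return findings

# Constructed samples: HTTPS login with a non-Secure cookie (the pattern the
# post describes), the corrected response, and a cookie set over plain HTTP.
SAMPLE_WEAK = ("https://example.test/login", [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly"),
])
SAMPLE_FIXED = ("https://example.test/login", [
    ("Strict-Transport-Security", "max-age=31536000"),
    ("Set-Cookie", "session=abc123; Path=/; HttpOnly; Secure"),
])
SAMPLE_HTTP = ("http://example.test/home", [("Set-Cookie", "session=abc123; Path=/")])

if __name__ == "__main__":
    for url, hdrs in (SAMPLE_WEAK, SAMPLE_FIXED, SAMPLE_HTTP):
        print(url, audit_response(url, hdrs) or "ok")
```

`HttpOnly` alone does not help here: it only hides the cookie from page scripts, not from the network.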
Today at Toorcon 12 I announced the release of Firesheep, a Firefox extension designed to demonstrate just how serious this problem is.
After installing the extension you'll see a new sidebar. Connect to any busy open wifi network and click the big "Start Capturing" button. Then wait.
As soon as anyone on the network visits an insecure website known to Firesheep, their name and photo will be displayed:


Double-click on someone, and you're instantly logged in as them.
That's it.
Firesheep is free, open source, and is available now for Mac OS X and Windows. Linux support is on the way.
Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web. My hope is that Firesheep will help the users win.