Skip to main content

Facebook and Twitter fail basic security test

Riding off of the coattails of the FireSheep Firefox exploit, Digital Society has studied the basic security functions of 11 popular websites and given them grades. The results are not stellar for most, especially social networking sites Twitter and Facebook, which both received failing grades.

The reasons why they failed get quite technical, but center around the lack of full SSL (Secure Sockets Layer) protection on the sites. One easy way to know if you are on an SSL protected site is if your browser bar says “https://” instead of the standard “http://.” If you are not, then it is possible that your information could be stolen because it is not encrypted. Facebook and Twitter do not encrypt data all the time, a feature that they should implement.

online-security-report-card-facebook-twitter-2010
Image used with permission by copyright holder

There are four basic ways to get hacked (studied here)

If a site doesn’t have SSL browsing support, anyone can see what you’re browsing at any time, but only what you’re browsing currently.

In a partial sidejacking, an attacker gets a hold of a users authentication cookies and gains partial access to their account. An authentication cookie is a small file that sites on your computer, allowing you to revisit a website without re-logging in every time. It tells Facebook: “hey, I’m still the same computer; let me in.” In a partial sidejacking, some of your information is visible to the attacker, but he/she can’t entirely breach your account.

In a full sidejacking, the attacker gets full control over your account, but can’t get your username or password. Usually he/she can do everything except change the password because most sites request that you re-type the old password first. Full sidejacking is scary. In Hotmail, for example, an attacker would be able to read all of your emails.

Finally, in a full hijacking, the attacker gains control over everything in your account and can change anything, including your password. Sites that do not have SSL authentication leave you vulnerable to a full hijacking.

Be careful

Our best advice: be careful where you browse Facebook, Twitter, and other sites with logins. If you’re on public Wi-Fi spot, make sure that it is password protected. This should encrypt your information, making it more difficult for others to hack you.

Editors' Recommendations

Jeffrey Van Camp
Former Digital Trends Contributor
As DT's Deputy Editor, Jeff helps oversee editorial operations at Digital Trends. Previously, he ran the site's…
The 5 best Wi-Fi adapters for PC in 2024
The Ugreen AC1300 Wi-Fi adapter in a desktop PC.

Whether you're designing it yourself or getting a pre-built PC, it can be easy to get a computer and realize that it doesn't have a native Wi-Fi adapter. Or, maybe it does, but you're internet speeds are getting faster, game downloads are getting bigger, you've already upgraded your router and need an adapter to match your newfound power requirements. No matter the situation, an external Wi-Fi adapter that you can add to your PC setup or even laptop setup will be worth your time. Here, we investigate the best Wi-Fi adapters for PC use. Most are incredibly affordable and just snap into a free USB port and start working.
The best Wi-Fi adapter for PC in 2024

Buy the

Read more
How to pin a website to the taskbar in Windows
A man sits, using a laptop running the Windows 11 operating system.

Windows includes many interesting tools, but if you’re like many people, more and more of your digital life is happening in your web browser and nowhere else. That being the case, you’ll want to keep your most important websites close at hand. The easiest way to access them in Windows is the Start menu and the taskbar, treating them more or less like programs in and of themselves.

Although easy overall, getting a website from your browser to your taskbar is slightly different depending on which browser you’re using.

Read more
This LG 34-inch QHD gaming monitor is discounted from $1,000 to $529
The LG UltraGear monitor on a table.

If you want a top-tier display to go with your gaming PC, check out the 34-inch LG UltraGear QHD curved gaming monitor. Not only will it be a worthy screen for your powerful gaming desktop, but it's also currently on sale from Walmart with a $471 discount that nearly halves its price to just $529 from $1,000. We're not sure how much time is remaining before this offer expires, but like most monitor deals of this caliber, it will probably end sooner than you think. Buy it now if you don't want to miss out.

Why you should buy the 34-inch LG UltraGear QHD curved gaming monitor
Gamers who are playing the best PC games should have a screen that will let you appreciate modern graphics. That's certainly the case with the 34-inch LG UltraGear QHD curved gaming monitor, as its quad HD resolution promises sharp details and lifelike colors, while its curved screen fills your peripheral vision for more immersive gameplay. The gaming monitor also features a 144Hz refresh rate, which is at the top of our computer monitor buying guide's recommended range, and 1ms response time. With these specifications, you'll enjoy smooth movements and quick reaction times, which are extremely important in multiplayer matches.

Read more