Skip to main content
  1. Home
  2. Computing
  3. News

Facebook and Twitter fail basic security test

Jeffrey Van Camp
By

Riding off of the coattails of the FireSheep Firefox exploit, Digital Society has studied the basic security functions of 11 popular websites and given them grades. The results are not stellar for most, especially social networking sites Twitter and Facebook, which both received failing grades.

The reasons why they failed get quite technical, but center around the lack of full SSL (Secure Sockets Layer) protection on the sites. One easy way to know if you are on an SSL protected site is if your browser bar says “https://” instead of the standard “http://.” If you are not, then it is possible that your information could be stolen because it is not encrypted. Facebook and Twitter do not encrypt data all the time, a feature that they should implement.

online-security-report-card-facebook-twitter-2010
Image used with permission by copyright holder

There are four basic ways to get hacked (studied here)

If a site doesn’t have SSL browsing support, anyone can see what you’re browsing at any time, but only what you’re browsing currently.

In a partial sidejacking, an attacker gets a hold of a users authentication cookies and gains partial access to their account. An authentication cookie is a small file that sites on your computer, allowing you to revisit a website without re-logging in every time. It tells Facebook: “hey, I’m still the same computer; let me in.” In a partial sidejacking, some of your information is visible to the attacker, but he/she can’t entirely breach your account.

Recommended Videos

In a full sidejacking, the attacker gets full control over your account, but can’t get your username or password. Usually he/she can do everything except change the password because most sites request that you re-type the old password first. Full sidejacking is scary. In Hotmail, for example, an attacker would be able to read all of your emails.

Finally, in a full hijacking, the attacker gains control over everything in your account and can change anything, including your password. Sites that do not have SSL authentication leave you vulnerable to a full hijacking.

Be careful

Our best advice: be careful where you browse Facebook, Twitter, and other sites with logins. If you’re on public Wi-Fi spot, make sure that it is password protected. This should encrypt your information, making it more difficult for others to hack you.

Editors' Recommendations

Topics
Jeffrey Van Camp
Jeffrey Van Camp
Former Digital Trends Contributor
As DT's Deputy Editor, Jeff helps oversee editorial operations at Digital Trends. Previously, he ran the site's…
Save $150 on a lifetime license for Microsoft Office for PC
microsoft office professional 2021 deal stack social april 2024 bundle

For one of the cheapest Office deals today, check out Stack Social which currently has a lifetime license for Microsoft Office Professional 2021 for Windows for just $70. The product normally costs $220 so you’re saving $150 off the regular price, all while gaining a lifetime license for some very useful software. If you’ve been considering getting Office and don’t want to deal with the ongoing nature of Office 365, this is a good opportunity to do so for less. Here’s what you need to know before you click the buy button.

Why you should buy Microsoft Office Professional 2021
If you’ve been reading up on whether to use Microsoft Word or Google Docs and you’ve settled on Word, snapping up Microsoft Office Professional 2021 is a great way to do so for less. Described as everything a pro needs, Microsoft Office Professional 2021 is pretty great.

Read more
Best Squarespace deals: Save on domains, web builder, and more
A laptop with Squarespace displayed on the screen.

Nowadays, everybody has a website, whether it's for personal stuff, to show off their online portfolio, or even to sell something. Of course, building a website isn't always easy, especially for those who aren't tech-savvy, but you'll be surprised at how easy it is to build a website with Squarespace, even for beginners. Luckily, there is currently a great sale going on at Squarespace to give you an extra nudge to grab yourself a subscription, with annual plans giving you up to 36% off, as well as a short-term 20% off sitewide with the code W4D20.

Besides just website building, there are a ton of perks of subscription, from hosting to email campaigns and even Squarespace Courses, which is pretty unique for a website-building website. So, if that sounds like something you'd like to be a part of, we've listed all the ways you can save on Squarespace subscriptions below.
Today’s best Squarespace deals

Read more
Microsoft Word free trial: Get a month of service for free
A person using MS Word.

It may not feel like it, but Microsoft Word is probably one of the most popular word processors out there, along with Google Docs, and pretty much everybody has likely used it at some point, regardless if you prefer Microsoft Office to Google Docs. Of course, if you want to get your hands on it these days, you're going to have to buy it as part of Microsoft Office, as opposed to getting it as a standalone product like you used to. While you do have to pay for the subscription, you can get Microsoft Word for a month using the free trial before it reverts to a paid subscription. Also, be sure to check out some of these useful Microsoft Words tricks and even how to run Microsoft Office on the Quest 3.
Is there a Microsoft Word free trial?

Microsoft Word is actually part of the company's wider Office app suite. Now known simply as Microsoft 365 (formerly Microsoft Office), Microsoft's enterprise software is available in a number of different packages that are now subscription-based; the company has retired the older bundles that were available for a one-time payment. That means if you want a Microsoft Word free trial, you'll need to sign up for the Microsoft 365 trial.

Read more