Facebook and Twitter fail basic security test

Riding on the coattails of the FireSheep Firefox exploit, Digital Society has studied the basic security functions of 11 popular websites and given them grades. The results are not stellar for most, especially for social networking sites Twitter and Facebook, which both received failing grades.

The reasons they failed get quite technical, but center on the lack of full SSL (Secure Sockets Layer) protection on the sites. One easy way to know if you are on an SSL-protected site is if your browser bar says “https://” instead of the standard “http://.” If it does not, then it is possible that your information could be stolen because it is not encrypted. Facebook and Twitter do not encrypt data all the time, a feature that they should implement.

There are four basic ways to get hacked (studied here)

If a site doesn’t have SSL browsing support, anyone can see what you’re browsing, but only what you’re browsing at that moment.

In a partial sidejacking, an attacker gets hold of a user’s authentication cookies and gains partial access to their account. An authentication cookie is a small file that sits on your computer, allowing you to revisit a website without logging in again every time. It tells Facebook: “hey, I’m still the same computer; let me in.” In a partial sidejacking, some of your information is visible to the attacker, but he/she can’t entirely breach your account.

In a full sidejacking, the attacker gets full control over your account, but can’t get your username or password. Usually he/she can do everything except change the password because most sites request that you re-type the old password first. Full sidejacking is scary. In Hotmail, for example, an attacker would be able to read all of your emails.

Finally, in a full hijacking, the attacker gains control over everything in your account and can change anything, including your password. Sites that do not have SSL authentication leave you vulnerable to a full hijacking.
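The sidejacking cases above come down to an authentication cookie crossing the network unencrypted. The following is an added example, not code from this article or from Digital Society's study: a small audit that flags authentication cookies a site either issues over plain HTTP or issues without the standard `Secure` cookie attribute (which the article does not mention). The hostnames, cookie names and values are constructed for illustration.

```python
from urllib.parse import urlsplit

def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attributes)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name, _, value = first.partition("=")
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value, attrs

def sidejacking_findings(responses, auth_cookie_names):
    """Return (url, cookie, reason) for each auth cookie readable off the wire.

    responses: list of (url, [Set-Cookie header values]) observed for a site.
    auth_cookie_names: cookie names the auditor knows carry the login session
    (an assumption supplied by the caller, not something the code can infer).
    """
    findings = []
    for url, set_cookie_headers in responses:
        scheme = urlsplit(url).scheme.lower()
        for header in set_cookie_headers:
            name, _, attrs = parse_set_cookie(header)
            if name not in auth_cookie_names:
                continue
            if scheme != "https":
                # The cookie itself travelled unencrypted when it was set.
                findings.append((url, name, "issued over plain HTTP"))
            elif "secure" not in attrs:
                # Set over HTTPS, but the browser will replay it on any
                # http:// request to the same host.
                findings.append((url, name, "missing Secure attribute"))
    return findings

# Constructed sample data: two hypothetical sites, one partly on SSL.
SAMPLE_RESPONSES = [
    ("https://social.example/login", ["session_id=abc123; Path=/; HttpOnly"]),
    ("http://social.example/home", ["session_id=abc123; Path=/"]),
    ("https://mail.example/login",
     ["auth=xyz789; Path=/; Secure; HttpOnly", "lang=en; Path=/"]),
]

if __name__ == "__main__":
    for finding in sidejacking_findings(SAMPLE_RESPONSES, {"session_id", "auth"}):
        print(finding)
```

A site that logs users in over HTTPS but serves the rest of its pages over HTTP shows up here twice, which is the "does not encrypt data all the time" pattern the article describes.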

Be careful

Our best advice: be careful where you browse Facebook, Twitter, and other sites with logins. If you’re on a public Wi-Fi spot, make sure that it is password protected. This should encrypt your information, making it more difficult for others to hack you.

Jeffrey Van Camp
Former Digital Trends Contributor
As DT's Deputy Editor, Jeff helps oversee editorial operations at Digital Trends. Previously, he ran the site's…