Thursday, 15 September 2011
Faceniff - sniffing Facebook accounts with Android Phones
I've been meaning to have a look at 'Faceniff' for a while. I came across a good video today which demonstrates it (and has some nice music). It is basically Firesheep for Android. I'll let the video do the talking, but my advice to people is to go to Facebook, select "Account" (at the top right of the page), choose "Account Settings" and then go over to the left and choose "Security". Go over to "Secure browsing" and choose the option for "Browse Facebook on a secure connection (https) whenever possible". This blocks the Faceniff attack. Google changed this to be a default setting a long time ago with gmail. There are plenty of other threats out there when connecting to WiFi access points, so try and be safe.