friendster uses http instead of https. it means friendster doesn't employ secure layer, even on login session. using security tools such as ethereal will make people easily expose your password.
So don't put global password on friendster! becareful.
Other security issues on public facility.
Even though you work over secure layer such as https, it wont guarantee your security. There is keyboard logging daemon threat! Yes it is possible to put a program that record your entire activity on a computer, any key you pressed!
Expecially for password you can disguise the software by writing your password on other place such as notepad or other editor whatever you like.
eg. my password is : secretService001
1. I write on password field : sec
then
2. I write on other place something: bla bla bla
then
3. I wrote on note pad the rest of password retSer...
therefore the keylogger will get "secbla bla retSer.."
absolutely you can repeat step 2 and 3 regarding your favor.
at last I copy paste the rest of my password that was written on notepad to the password field. ok its done. Last but not least I DON'T save my notepad file, let it lost!
hopefully it would be useful. :)
grammatical errors are part of art. i'm not native speaker :)
11 September 2007
security issues on friendster
09 September 2007
Langganan:
Postingan (Atom)
