вторник, 22 ноември 2011 г.

Facebook security

Facebook внесе промени, но не каза нищо (отново)! Погледнете вашия URL ( в адресната лента, горното прозорче на вашия екран.) Ако виждате "http" или просто "www", вместо на "https", ВИЕ НЯМАТЕ защитена сесия и могат да Ви хакнат. Отидете на Настройки на профила - кликнете на сигурност в горния ляв ъгъл - щракнете върху Редактиране до Защитено разглеждане, сложете отметка в квадратчето, щракнете върху Запиши. FB автоматично е поставил вместо Вас опцията за незащитена сесия! Направете услуга на останалите и копирайте и публикувайте този линк ---> http://informator-bg.blogspot.com/2011/11/facebook-settings.html



Turning On Https in Facebook

Log in to Facebook, click on the Account drop-down in the upper right, and click on the Account Settings option.
On the resulting page click on the change link next to Account Security.
(As I write this, the https option is in the process of being rolled out, so not everyone may have it yet. Keep checking.)

Make sure this is checked.


Why is this Important?

The problem is our old friend: open WiFi hotspots.
The program I mentioned, "FireSheep", is an addon to the Firefox browser that simply captures and displays the usernames and passwords of people who are on an open WiFi hotspot and are logging in to services like Facebook.
And it does so very, very simply.
Because most folks don't take appropriate precautions when using an open WiFi hotspot they're frequently logging into those services and exposing their login credentials to anyone who might be in range.
This isn't really a new problem, FireSheep is just an example program that shows how easy it is to do. The author released it with the hope that internet services like Facebook would be forced (or shamed?) into taking action.
Action like supporting https.
Used properly https encrypts the entire conversation with the internet service - including your username and password. Anyone eavesdropping at your open WiFi hotspot will see only gibberish.
That's why computer folks have been insisting you use https for banking for a long time.
As it turns out your login credentials for services like Facebook and others are often just as important to keep secure.
And now you can.

Go do it.

Now.

Няма коментари:

Публикуване на коментар