FaceNiff makes Facebook hacking a portable, one-tap affair

FaceNiff makes Facebook hacking a portable, one-tap affair

www.engadget.com

Remember Firesheep? Well, the cookie snatching Firefox extension now has a more portable cousin called FaceNiff. This Android app listens in on WiFi networks (even ones encrypted with WEP, WPA, or WPA2) and lets you hop on to the accounts of anyone sharing the wireless connection with you. Right now it works with Facebook, Twitter, YouTube, and Nasza-Klasa (a Polish Facebook clone), but developer Bartosz Ponurkiewicz promises more are coming. You'll need to be rooted to run FaceNiff -- luckily, we had such a device laying around and gave the tap-to-hack app a try. Within 30 seconds it identif

(visit the link for the full news article)

Well now this is very interesting. Granted you need a jail broken android phone to run this. However the chances for hijinks are very high.

With this program you can go to any open wifi network. Or if you have a hotspot open up your own wifi network. And sniff Facebook accounts & passwords to your hearts content.

I don't know if ap isolation mode would limit the effectiveness of FaceNiff. But it might just stop it from working.

In any case here's a great way to get into peoples accounts to look for those private pics.

www.engadget.com
(visit the link for the full news article)

and yet if lazy gurus like the guys who created this would constructively put their talents to good use...they could solve many problems in the world and help make it a better place.

Instead, they choose to screw with other people because they feel their own lives are 100% inadequate.

Have to agree.

reply to post by grey580


Okay . . . creepy.
And then we find out that it is only available to the government. Thankfully not yet.

SeraphNB

reply to post by seraphnb


Why would they need this? they can just go to FB directly and demand access.
that is if they don't have a backdoor in already.

Facebook, Twitter, YouTube, and a polish brand of facebook...

Well, this sure makes me feel better that I have NO account
on ANY of them.....

Originally posted by PrimePorkchop
and yet if lazy gurus like the guys who created this would constructively put their talents to good use...they could solve many problems in the world and help make it a better place.

Instead, they choose to screw with other people because they feel their own lives are 100% inadequate.

Have to agree.

No.

Exactly by this action they are making these websites more secure because they are now forcing facebook & Co to finally implement security measures (https) which is state of the art for this purpose since 20 years already and only ignored by the owners of these websites out of sheer laziness.

This is the only language they understand.

Saw this on the news as well. It seems to be a man in the middle attack. No biggie really. You can avoid it if you use encrypted connections that use HTTPS. Simple fix.

reply to post by THE_PROFESSIONAL


Problem is facebook doesn't use https
so the packets are plain text.
it's easy to sniff the data and get your info.

It's nothing new. You can do the same with any packet sniffing software. and just capture the data going by on the network