The Future of Internet Security, page 1


Pages:
ATS Members have flagged this thread 1 times
Topic started on 25-9-2012 @ 01:54 PM by kisharninmah
Today I woke up to an email saying I reactivated my Facebook account. It was deactivated, and I didn’t log on. So does that mean it was hacked? There is nothing on that account but I still feel violated. I had a long password too. Granted it had hydrogen alpha as part of it (and I know you shouldn’t do that because it’s almost as bad as setting your password to admin), but I mixed it with other numbers and letters and special characters. So when I say it was long, it was LONG.

When I deactivated my account, I opted out of receiving emails, and I know not to log in. I didn’t click on any links within the emails. So this morning I had an email saying it was reactivated. About twenty minutes after the time stamp of this email, I received another email about activity on my Facebook. I did check to see if there were any instances of a deactivated Facebook reactivating itself. I did not find any. If anyone here knows if this could be the case, please let me know. I did activate verification codes where I could. But now I want to delete every account that doesn’t have this option. What happens, if it hasn’t happened already, if the option of using verification codes becomes ineffective? And what about my ATS account? Maybe I’m overreacting. Maybe I’ll abandon this account too.

Ten years from now, as technology and hackers become more and more clever, how will our online profiles be protected?

Our dependence on the Internet grows every day. The Internet is an evolving technology that carries enormous potential and vulnerabilities. How can we balance true internet security while maintaining internet freedom?

Even with the advancement of security, so comes the advancement of hackers.

I feel angry about what happened to my Facebook account, and I feel violated. I think of all of my stuff that is online: my work, my information and my personal conversations. How much further do I have to go to protect myself! In the end, after the anger fades, I just feel sad. I think I will be one of those people who will refuse the internet altogether. Not yet, not today, but in the not so distant future.
edit on 25-9-2012 by kisharninmah because: to fix typos


reply posted on 25-9-2012 @ 05:36 PM by kisharninmah
reply to post by kisharninmah


I posted this to the wrong forum. I should have scrolled further down (lol). Can a moderator post it under general chit chat or rant, which ever it fits best?

I missed the edit window.

Thanks.


reply posted on 25-9-2012 @ 05:41 PM by Arbitrageur
reply to post by kisharninmah

ATS doesn't work with the "https" protocol. Did you use https with facebook? And why the heck doesn't it default to that?

My understanding of the reason for using such protocols is that it's possible to intercept credentials if https is NOT used:

Why You Need To Use HTTPS on Facebook
It is a sad state of affairs in our world these days when a company offers a secure version of their website, but doesn’t default to using that version. There has been loads written on this topic, but I want to put in my personal experience here. I’m always talking about and thinking about security.

Simply sniffing the traffic going over my home network allowed me to see the cookie used in the http requests from my wife’s computer to facebook. I then was able to use a Firefox plugin to edit my cookies and add facebook cookies. I copied the informationdirectlyfromtheWiresharkpacketdata,andplaced it into cookies on my computer, and then visited Facebook. Low and behold, it told me that I was no longer Travis Weston, but instead, Tiffany Weston.

Session, consider yourself hijacked.
I have no idea if this has anything to do with your account getting hacked, just throwing it out there as a question/possibility.



reply posted on 25-9-2012 @ 05:44 PM by Arbitrageur
Originally posted by kisharninmah
reply to post by kisharninmah


I posted this to the wrong forum. I should have scrolled further down (lol). Can a moderator post it under general chit chat or rant, which ever it fits best?
You have to send the mod an alert so do that if you haven't already...they may not see your post. How about asking them to move it to the Computer Help forum?


reply posted on 25-9-2012 @ 06:22 PM by kisharninmah
reply to post by Arbitrageur




Did you use https with facebook?


No

Thanks for your input and for letting me know about getting informing a mod and where to put this post.


reply posted on 26-9-2012 @ 01:28 AM by Arbitrageur
reply to post by kisharninmah

It increases the server load, so I suppose they figure if people don't care enough about security to use it, then they don't want to have to pay to upgrade their servers so everyone can use it.

They have shown over and over that they don't take security that seriously. They have reset the users' carefully selected settings to default when the site is upgraded, which has happened multiple times already. There are several things they could have done differently than they did when upgrading the site if they really cared about security, like maintained the previous security settings or if that wasn't possible, prompt the users who weren't using default settings that the settings had been reset to default so they could at least know they had to change the settings again.
Pages:     ^^TOP^^



Pokemon discovered in Venezuela
  Posted 14 days ago with 47 member flags
89-Year-Old Man Develops Bladeless Bird-Friendly Wind Turbine
  Posted 11 days ago with 45 member flags
Amazing snowflake images that you have never seen before.
  Posted 14 days ago with 44 member flags
Energy Solutions THEY don\'t want you to know about
  Posted 14 days ago with 35 member flags
Does this video show a working self propelled magnetic engine?
  Posted 7 days ago with 31 member flags
Viruses: alive or not?
  Posted 11 days ago with 30 member flags
NASA reveals secrets it has hidden on the Curiosity rover.
  Posted 17 days ago with 29 member flags