Search By Topic:

Popular Topics:



News & Features | Jun 10th, 2011

FaceNiff Brings the Security Risks of Firesheep to the Mobile World: The Social Media Privacy Report  

Jillian Ryan

Last October privacy and security technology experts were buzzing about the launch of Firesheep, a Firefox extension that gave hackers the ability to easily hijack unencrypted Facebook, Twitter, and even Amazon credentials from other users on the same wifi network. The same individuals who were concerned about Firesheep are probably just as scared about FaceNiff, an Android application that launched last week from Polish developer Bartosz Ponurkiewicz.

Security researcher 'Ms. Smith' on NetworkWorld, calls the app a “wicked mobile cousin of Firesheep.” With a rooted Android phone, a user can run FaceNiff to sniff and intercept web session profiles over wifi connections to hijack credentials from Facebook, Twitter, YouTube and other services.

Now a hacker doesn’t even have to go through the hassle of opening a laptop, as was required with Firesheep; he can simply use his mobile device. Using the application is as straightforward as sending a text message from your Android phone. Check out this video to see the app in action.

So not only does FaceNiff bring the security implications of Firesheep to the more accessible mobile sphere, but it also goes one step further.  With Firesheep, if a user is on a password-protected WEP, WPA or WPA2 secured WiFi network, he cannot be hijacked. But with FaceNiff it doesn’t matter; all networks – secured or unsecured – are vulnerable to attack.

Protect Yourself From FaceNiff

Many technology and security experts are concerned and strongly encourage users to connect to WiFi networks with caution. Rosa Golijan from MSNBC’s GadgetBox asks her readers, “Do you trust whoever set up the network you're logging on to? Do you even know who runs it? Think twice about using free public networks.”

But if you find yourself on a network and you doubt its security, Mashable recommends using HTTPS for an extra level of protection.  However, as PRIVATE WiFi™ has reported in the past, while HTTPS is better than HTTP it is still vulnerable to man-in-the-middle attacks.

Thus, we recommend, just as Mobile Magazine, to protect yourself with a Virtual Private Network (VPN) like PRIVATE WiFi to encrypt your online traffic. That makes your logins and your Internet communication  invisible to sidejackers and hackers, even when using vulnerable websites. If the user in the above video would have been running PRIVATE WiFi on his computer, FaceNiff would have never detected him!

Does the idea of FaceNiff being able to hijack your log-in credentials leave you feeling vulnerable? Would you download PRIVATE WiFi to guarantee your privacy and security on the internet?

Associated Topics:

Associated Topics:


Related Posts

The Three Legs of Protection: Antivirus Software, Firewalls, and VPNs

Thought Leadership
Kent Lawson | Apr 15th, 2015

We've all heard about antivirus software and firewalls. But we probably don’t know as much about the third leg of computer protection: a VPN, or virtual private network. In his latest article, company CEO Kent Lawson says we do this at our peril, because the damage we can suffer from not using a VPN may far outweigh the risks of the other two combined. After the large-scale hack attacks over the past few years, VPNs are now earning their spot as the third security leg that is vital to every-day computer security. Read More

New Hotel WiFi Vulnerability

Thought Leadership
Alok Kapur | Apr 9th, 2015

Earlier this year, the FTC declared a critical announcement for travelers: hotel WiFi is dangerous. Many people assume that because they are paying for it the network must be safe, but that is a dangerous assumption. Hotel WiFi networks are completely insecure; the bad news is that a new exposure in hotel WiFi has just been found. Read more to find out how you can keep yourself protected. Read More

Introducing DataCompress: A Data Savings App for your Mobile Device

Thought Leadership
Jillian Ryan | Apr 1st, 2015

Is your phone a data hog? If so, we have some good news. The makers of PRIVATE WiFi, have a new product on the market to help users improve their Internet experience. With the launch of DataCompress, Android users can cut their mobile data use by up to 50%*. This new app let's you get the right-sized content, fast! This means using less of your plan as you get more value out of it. Read More

Cyber Security Training Just As Important at C-Level

Thought Leadership
Eva Velasquez | Mar 24th, 2015

The need for better online safety training to prevent data breaches is a hot topic right now. Coupled with stronger computer and network policies, companies want to prevent the hacking events that leave businesses susceptible to a data breach. While it’s no secret that employees in both the private sector and government service can unintentionally expose organizations to hackers, what is surprising is a report by Wombat Security that shows that 33% of CEOs fell for phishing attacks that led to network access. Why are they falling for this kind of internet activity? Read More


Thank you for subscribing to our newsletters

Your email has been added to our system. You will be e-mailed shortly with a request to confirm your membership. Please make sure to click the link in that message to confirm your subscription.