Results 1 to 9 of 9

Thread: Facebook Trojan Problem

  1. #1
    Join Date
    Jun 2000
    Location
    Windham, Vermont, USA
    Posts
    40,828

    Facebook Trojan Problem

    Any Mac users who are on Facebook - do NOT let it install something called "PhotoAlbum." It is really a Trojan Horse program for a Java script that will then do nasty things to your computer. Paul just read about this, and knowing how fond this crowd is of pictures - especially as we usually figure it's of someone's pet or child, I ought to warn you all.

    Remember - a Trojan Horse is NOT a real horse, do not welcome it in!

    http://www.macrumors.com/2010/10/27/...evel-disputed/
    I've Been Frosted

  2. #2
    Join Date
    Aug 2006
    Location
    Methuen, MA; USA
    Posts
    17,105
    Wow, isn't it rare for Macs to have these problems? I don't, I have a pc. But I always thought that was one of the Mac selling points.
    .

  3. #3
    Join Date
    Oct 2003
    Location
    Michigan
    Posts
    8,585
    Quote Originally Posted by Freedom View Post
    Wow, isn't it rare for Macs to have these problems? I don't, I have a pc. But I always thought that was one of the Mac selling points.
    Yes, it is rare for a Mac to be infected. We've been Mac people for 12 years and never had anything infect our computers.

    Part of the reason - Macs make up less than 10% of computer users, so it isn't worthwhile, monetarily, to bother with us.

    For that reason, and others, I wouldn't have any other kind of computer. I've run into people who almost brag about the number of viruses they accrue per week

    This is just another reason for me to stay away from FB.

  4. #4
    Join Date
    Oct 2006
    Location
    Australia
    Posts
    8,166
    Viruses are everywhere. I copped one last week on a militaria site, but it was caught straight away by my anti-virus program.
    Too bad some idiots get their jollies by creating such things.


    "I'm Back !!"

  5. #5
    Join Date
    Jun 2000
    Location
    Windham, Vermont, USA
    Posts
    40,828
    Quote Originally Posted by Freedom View Post
    Wow, isn't it rare for Macs to have these problems? I don't, I have a pc. But I always thought that was one of the Mac selling points.
    It is rare, but of course Facebook is so popular, and has such privacy issues already, I am not surprised someone targeted it. It's just a ripe target.
    I've Been Frosted

  6. #6
    Join Date
    Apr 2002
    Location
    Cleveland, Ohio
    Posts
    5,486
    I keep noticing something weird on Facebook feeds. I see how my friends 'like' something and it seems to be suspicious. I don't know if that's a virus waiting to happen, by clicking on it, so I don't bother!
    You're the one sure thing I've found so you better stick around...
    Best Fireman in da House´10
    dedicated to the kindest,loveliest and always helpful man that one would be honored and proud to know........R.I.P. Dear Phred

  7. #7
    Join Date
    Dec 2001
    Location
    Copenhagen, Denmark - GMT+1
    Posts
    15,952
    Facebook, Twitter easily hacked over WiFi

    Published On Thu Oct 28 2010
    Michael Oliveira The Canadian Press

    Think twice before logging into Facebook with free WiFi access — unless you don't mind snoopers reading and potentially altering your profile.

    A software developer is hoping to educate users about the dangers of using unsecured WiFi networks with a computer program that makes it easy to hack into Facebook and Twitter accounts.

    With a download of Firesheep, a plug-in for Mozilla's FireFox web browser, all it takes is patience and a couple clicks to access someone's profile on a variety of websites, also including the photo-sharing site Flickr and the Wordpress blogging platform. The program sniffs out log ons over the network and connects Firesheep users with those accounts.

    "Websites have a responsibility to protect the people who depend on their services. They've been ignoring this responsibility for too long, and it's time for everyone to demand a more secure web," wrote Seattle-based Eric Butler in a blog post explaining his program.

    Butler, who declined interview requests, said that not all websites are vulnerable to Firesheep, but too many sites aren't secure enough to thwart hackers. While typed-in login information may be protected, the user-identifying information in cookies — small text files that websites access on a user's computer — are not.

    "On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy," Butler wrote. "The only effective fix for this problem is full end-to-end encryption, known on the web as HTTPS or SSL."

    In just over 24 hours, Firesheep was downloaded more than 129,000 times. Among the users was Ian Robertson, an IT professional in Ottawa who took his laptop to a couple of local coffee shops to give the program a test drive with a colleague.

    "I was able to see about half a dozen accounts on Facebook and was able to actually log into their accounts, view all their photos, all their private information, their phone numbers — anything," said Robertson.

    "Just for a test with one of my colleagues I logged into his profile and I was able to change his status to single. And within about 10 minutes his girlfriend commented and said, 'Why??'"
    Robertson said he was surprised how easy it was to use and was concerned that others might download it for far more malicious purposes than he did.

    "You feel kind of powerful, I guess, like you could just go in there and spam away if you wanted to," he said. Firesheep is on the radar of Canada's privacy commissioner but there have been no public inquiries about the program and there is no investigation ongoing, said spokeswoman Anne-Marie Hayden.

    She did note the Personal Information Protection and Electronic Documents Act requires that companies use safeguards to protect personal data.

    "Personal information shall be protected by security safeguards appropriate to the sensitivity of the information. The security safeguards shall protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification," reads Section 7 of the act, which also states that protection should include physical and technological measures "for example, the use of passwords and encryption."

    "Because we haven't investigated this issue we can't say whether a particular site has violated the safeguards provision of (the act)," Hayden said. In a statement, Facebook said it's working on beefing up its encryption and warned about the risks of using the site over WiFi.

    "We have been making progress testing SSL access to Facebook and hope to provide it as an option in the coming months," the statement reads. "As always, we advise people to use caution when sending or receiving information over unsecured Wi-Fi networks."

    Kris Constable, founder of the Victoria-based company PrivaSecTech, said the security problems posed by unsecure wireless networks might be news to the general public, but they've long been exploited by hackers.

    Firesheep only takes away the barrier to entry for wannabe hackers. "The thing it’s done is made the attack a lot prettier ... it's kind of what hacking looks like in the movies," Constable said.

    He hopes Firesheep will finally put enough pressure on business leaders to invest in better encryption. "When you add something like encryption to any technology it's going to cost businesses more to implement so they're not motivated to do it, even though it's going to make people more secure," he said.

    "But hopefully (Firesheep) is going to force businesses to use more encryption and I think with more awareness ... people are going to actually start thinking, 'Well, maybe when I'm going to talk about sensitive things I need to start encrypting my emails.' People will start thinking with every website they go to and every email they send, 'Is it encrypted or not?'"

    To protect against getting hacked while using open WiFi, Butler recommends another FireFox plug-in called HTTPS-Everywhere, created by the Electronic Frontier Foundation. It protects against data leaking out while using sites like Facebook, Twitter, Amazon, Wordpress.com blogs and PayPal.



    "I don't know which weapons will be used in the third World war, but in the fourth, it will be sticks and stones" --- Albert Einstein.


  8. #8
    Join Date
    Aug 2004
    Location
    Alberta, Canada
    Posts
    22,005
    If there is a "Like" with a certain post but no "Comment" then I don't touch the thing!
    "Do or do not. There is no try." -- Yoda

  9. #9
    Join Date
    Apr 2002
    Location
    Cleveland, Ohio
    Posts
    5,486
    Quote Originally Posted by Catty1 View Post
    If there is a "Like" with a certain post but no "Comment" then I don't touch the thing!
    That's what I was talking about, that I keep seeing.... it's just odd!
    You're the one sure thing I've found so you better stick around...
    Best Fireman in da House´10
    dedicated to the kindest,loveliest and always helpful man that one would be honored and proud to know........R.I.P. Dear Phred

Similar Threads

  1. Replies: 16
    Last Post: 06-15-2009, 03:08 PM
  2. Replies: 7
    Last Post: 05-15-2009, 03:22 PM
  3. Facebook.
    By Blue Dragonfly in forum General
    Replies: 16
    Last Post: 12-10-2007, 08:15 PM
  4. I got a Trojan :(
    By slleipnir in forum General
    Replies: 12
    Last Post: 03-31-2004, 07:59 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Copyright © 2001-2013 Pet of the Day.com