Slashdot Mirror


Identity Theft and Social Networks

scubacuda writes "This Security Focus article looks at the lack of security social network sites have, particularly their lack of SSL logins, which means a user's session ID will be logged on any proxy and possibly sniffed. From the article: '[A]ccording to [Clay] Shirky, one thing is certain: "The value of each site is communally-created. Links and transactions are more important than individuals." In other words, each community creates its own kind of value. Thus, an attacker might hit Tribe to farm social networks for spam victims; and then he might exploit LinkedIn to get the contact information for a VC he wants to meet.'"

2 of 190 comments (clear)

  1. It's just common sense by Waffle+Iron · · Score: 5, Funny
    Only a total idiot would post a message on a site that doesn't use a secure login procedure.

    Oh, wait...

  2. Re:How often they get caught by Brahmastra · · Score: 5, Funny

    I was a victim of identity theft once and made a police complaint, an FTC complaint, etc.. They all said that it was unlikely anyone would ever be caught. Haven't heard anything for 2 years now. They need to start castrating identity thieves... it's getting out of hand.