Slashdot Mirror

← Back to Stories (view on slashdot.org)

Identity Theft and Social Networks

Posted by michael on from the stealing-whuffie dept.

scubacuda writes "This Security Focus article looks at the lack of security social network sites have, particularly their lack of SSL logins, which means a user's session ID will be logged on any proxy and possibly sniffed. From the article: '[A]ccording to [Clay] Shirky, one thing is certain: "The value of each site is communally-created. Links and transactions are more important than individuals." In other words, each community creates its own kind of value. Thus, an attacker might hit Tribe to farm social networks for spam victims; and then he might exploit LinkedIn to get the contact information for a VC he wants to meet.'"

1 of 190 comments (clear)

  1. what a bunch of idiots... by Anonymous Coward · · Score: 5, Insightful

    One friend feared that she might lose her job when a private entry about problems with her supervisor was made public

    Rule 1:
    If you want to keep something confidential, don't post it on a free website.

    If they aren't using SSL, they are basically saying they don't value privacy the way you value your privacy."

    Duh. Unless you use encryption, almost anything you send on the internet can be intercepted. Conduct yourself accordingly.