Man-in-the-Middle Attack on MySpace with Cain

Slimjim100 writes "Last year at ChicagoCon 2007, Brian Wilson gave a great talk entitled "Cain & Abel: Windows Can Hack, Too!" Although the presentation and audio recording of the talk can be downloaded from the ChicagoCon site at Library, I had totally forgotten to publish his videos. Just in case things didn't go as planned during the live event or his laptop crapped out on him, Brian made a video of the MITM attack he demonstrated using Cain. You get to see how Myspace and other social networking sites are not designed with security in mind."

Don't use MySpace!

[Doug52392]

MySpace is notoriously insecure and a hacker or spammer's playground. The first thing I noticed when I created an account 10 months ago is that there was no HTTPS logon. Even Facebook has that!

But even if they were to use HTTPS, that still wouldn't solve MySpace's issues. A lot of the people on my Friends List were not very tech savvy (like a lot of users), and, since most of them were teens, they easily fell for phishing scams and hacks. And then I get punished for their poor security practices by having my message board filled with ads for the "free, HoTtEsT ringtones!!!!" and "see girls naked!!!!" (btw all of those sites had viruses or malware on them). I stopped using MySpace after 2 months, I got tired of all the insecurity.

If I were to run this attack on the computers at my high school, I could cripple a lot of kid's social lives (and get expelled when the admins see :) I see SO many of my classmates using proxies to get on MySpace at school (even though it's against school rules, which I don't blame after seeing some of my classmate's MySpace pages). They just don't understand how easily I could get their password (or whoevers running the proxy, or even the admins). And it's worse when you wonder how many kids use the same user name and password for everything...

Kids these days are just not educated enough on good security practices, or show a lack of common sense with this stuff...