What do you need to steal someone his Facebook account? A lot of money, elite hackers? Surprisingly no. All it takes is a rooted Android phone, WiFi network and a little luck.

I showed you a network sniffer called Wireshark in the previous post. FaceNiff has similar capabilities, but it is much easy to operate.

Here is a quote from its developers:

FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to.
It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK)
It’s kind of like Firesheep for android. Maybe a bit easier to use (and it works on WPA2!).

 

How does it work?

You probably wonder how it’s possible to steal someone‘s account, when the account is protected with a strong password. Unfortunately in this case it doesn’t  matter on the strength of your password at all. Anyone with a network sniffer is capable to catch up your data sent trough a WiFi network. Then he can decode them if they are not encrypted. When you sign-in on Facebook, you’ll get a unique session ID identifier. Until the session expires, you don’t have to log-in again. Unfortunately the attacker can sniff your unique ID and use it to steal your identity.

 

FaceNiff

 

FaceNiff

 

How to protect yourself?

Only reliable protection is to use an encryption.  Always use the the HTTPS protocol instead HTTP if possible. You can also use Identity Cloaker . Then your activity will be invisible for applications of this kind.

June 26, 2012

The Price of Information

Today the price of information price is higher than ever before. Companies like Google or Microsoft collect information about you and your internet activity. They build large databases with this data about you. Why? They use it for their own corporate purposes.

But pieces of information about you may also leak in yet another way.

 

Internet communication

As you probably know, the Internet is created by an incredible amount of interconnected computer networks. But have you ever wondered how it’s possible that all the computers are perfectly able to communicate between each other? This is ensured by the set of communications protocols, commonly known as TCP/IP. These protocols are nothing new, they were developed in the 70s.

Another important protocol you need to browse Youtube, Facebook and another amazing websites is called Hypertext Transfer Protocol (HTTP). Together with TCP/IP, HTTP is the foundation of data communication for the World Wide Web.

These protocols work certainly very well. However, they aren’t able to guarantee you the security. Small wonder, considering they haven’t gone through any major changes for years.

 

The Security

To show how fragile your privacy on the Internet is, I googled the phrase „get proxy“. You can see the result in the image below. It doesn’t look like it could danger your privacy, does it? Look at the second image. Here you can see a list of captured packets from local network. A packet is a unit of data that is transmitted between computers in the network. You can imagine a packet like a letter: among other things it contains your address (in this case your IP address), a destination adress and also your writing (or your Google search). Now imagine anyone can read all the letters you send.

 

Searching for proxy with Google

Wireshark get proxy


This can be done by your network administrator. Or even by a complete stranger. Today it’s even possible to use an Android phone to sniff your data from WiFi. Hacking doesn’t require a genius geek anymore. As a matter of fact, today it’s very easy with a little help from various applications, for example FaceNiff. It is an Android app that allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. I will describe this interesting (although potentially dangerous) application more in the next post

FaceNiff

Content Blocking

Another issue beside security problems is a censorship. Maybe you think it doesn’t concern you. It’s a problem only in states like China, right? But sadly it’s not always the truth.

It is common that schools and companies block websites like Facebook, Twitter etc. Also some TV stations block their content according to your country. For example BBC is only for UK.

 

BBC geoblocking

Is there any solution?

Fortunately the answer is yes, there is. As a matter of fact, even several solutions exist. They include proxy, VPN and Identity Cloaker and I will guide you through all of these ways of protection.

Proxy alone is not enough

Proxy functions as a middleman between you and the server you are sending a request to. As it’s possible to find some free proxies on the Internet, this could seem like an ideal solution. But the only purpose of proxy is, that you can fool the destination server by changing your IP address. However, it will not encrypt any data. Fortunately, there are another ways to feel secure on the Internet.

VPN

This technology allows you to securely connect to remote network. It is mostly used by more experienced users and works on the most platforms. VPNs provide security through tunneling protocols and security procedures, such as encryption. It has a lot advantages. It will create a virtual network adapter and redirects all network traffic. Unlike proxy it works for all programs transparently. Another big advantage is a strong encryption. It is so strong, that even if traffic was sniffed, attacker would only see encrypted data which they wouldn’t be able to understand.

Despite all these great abilities, VPN connection has some disadvantages too. If you need to use internal proxy (usually in a school or in a work), it is difficult or even impossible. The fact, that all traffic is redirected causes your internet speed to slow down, even when it’s not neccessary. It also complicates access to your Local Area Network (LAN). That means that it will cause issues with network printing etc. And last but not least, it isn’t very comfortable to use.

Here is a sumary of main advantages as well as disadvantages of using VPN:

+ All traffic redirection is guaranteed

+ Strong encryption

- Difficulties with internal proxy

- Slower internet speed

- Complicated access to LAN

- Small comfort

Another solution

After all you have read, maybe you are thinking, if another solution exists. Actualy it does.

Another possibility is to create a secured tunnel with encryption like VPN, but redirect only selected traffic. Sounds smart, doesn’t it? It is not so easy, because not every application supports proxy (data redirection). It isn’t usually easy to set it automatically. But there is a solution how to protect most programs. Its name is Identity Cloaker