On Thu, Oct 28, 2010 at 8:14 AM, David Fetter <[email protected]> wrote:
> On Thu, Oct 28, 2010 at 07:45:34AM +0800, Muhammad Najmi Ahmad Zabidi wrote:
> > On Thu, Oct 28, 2010 at 7:21 AM, David Fetter <[email protected]> wrote:
> > > On Thu, Oct 28, 2010 at 07:14:18AM +0800, Muhammad Najmi Ahmad Zabidi wrote:
> > > >
> > > > Many of you have probably heard in the news about the new add-on
> > > > for Firefox called Firesheep. This add-on makes it incredibly
> > > > easy to sidejack non-‘HTTPS’ log in sites (for example Facebook
> > > > and Twitter) if you connect to them over an open wireless
> > > > network. While the ability to sidejack is nothing new this
> > > > add-on makes it feasible for anyone to do it with one click. No
> > > > programming or “hacker skills” are needed. As of this morning
> > > > this add-on has been downloaded over 312,000 times and has only
> > > > been available since Sunday.
> > > >
> > > > We know many of you have personal Facebook accounts and wanted
> > > > to get this information to you as soon as possible.
> > >
> > > OK, stop right there.
> > >
> > > Facebook is a much, much bigger threat to your privacy than any
> > > Firefox plugin could ever be.
> > >
> > > If you're going to warn people about threats to their privacy,
> > > warn them about Facebook, not some amateurish little gizmo
> >
> > When we log in to social networking and agreed to their T & C we
> > already agreed to say "privacy is long gone". What does privacy
> > look like when we tweet our location, enable Google Latitude etc.
>
> If you imagine that Facebook is doing less to invade your privacy than
> Firesheep is, you're just not getting what they take in a billion
> dollars a year doing. They don't stop invading your privacy when you
> leave the web page. They don't stop when you leave their service
> entirely. They don't stop when you and all your friends leave. They
> just plain don't ever stop.
>
> With some silly little browser plugin, it's at least in principle
> possible to take some individual action and make it go away.
>
> With Facebook, it's going to take direct action by governments: laws
> and treaties. And it's going to take at least one privacy disaster
> with a large body count to get those governments to act. Now's the
> time to start making sure they have a not-crazy set of ideas for what
> to do when these disasters strike, because they *will* act, and
> decisively.
>
> Cheers,
> David.
>

I heard one of the speakers of HITB KL say, sort of: when a service comes free, then people are the commodity. So much for free stuff :p
_______________________________________________
Owasp-Malaysia mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-malaysia

OWASP Malaysia Wiki
http://www.owasp.org/index.php/Malaysia

OWASP Malaysia Wiki Facebook
http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420

