We get a lot of questions in the ConnectSafely forum about people finding their profiles compromised in various ways. One way this can be done concerns social networkers' passwords – if they've either given their passwords to friends or their passwords have been stolen. A researcher colleague of mine in Portugal, Daniel Cardoso, sent me a heads-up about the latter. Here, a post in EthicalHacker.com explains that there is free downloadable software on the Net that allows malicious hackers to steal users' passwords. Cain & Abel is "a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols." In Slashdot, which Daniel linked me to, a young security expert posted: "If I were to run this attack on the computers at my high school, I could cripple a lot of kids' social lives (and get expelled when the admins see I see SO many of my classmates using proxies to get on MySpace at school (even though it's against school rules, which I don't blame after seeing some of my classmates' MySpace pages). They just don't understand how easily I could get their password (or whoever's, running the proxy, or even the admins). And it's worse when you wonder how many kids use the same user name and password for everything. Kids these days [note that he's talking about his peers] are just not educated enough on good security practices, or show a lack of common sense with this stuff." Parents, make sure your kids practice good computer security – choose hard-to-guess passwords, don't share them with friends, change them fairly often, and choose different ones for different sites and services. IT News in Australia reports that "criminal hackers now view social networking sites as their best target for attacks." It goes on to describe another vulnerability besides passwords, and IT Pro in the UK reports on a Facebook vulnerability involving users' private photos.
NetFamilyNews – by Anne Collier
- A positive, insightful new book for schools on bullying
- Students called heroes in this 6th-grade class
- In the face of school violence, what do we default to?
- Popularity: The other kind of vulnerability
- FB & Oculus VR: The potential of a virtual-reality platform
- What’s (importantly) different about Snapchat
- We ‘like’ faces in social media: Study
- Yik Yak update: How the app came to geo-fence off US schools
Analysis & News – by Larry Magid
- Facebook’s ‘Nearby Friends’ feature: What you need to know
- Identity theft a problem from cradle to grave — Kids most vulnerable
- How to protect your family from Heartbleed security flaw (slideshow)
- Beware of Heartbleed inspired phishing scams
- Are sites you use vulnerable to Heartbleed security flaw?
- Microsoft ends support of Windows XP: Machines highly vulnerable to security risks
- The evolution of online safety: Lessons learned over 20 years
- Safety through mindfulness: Watch ‘The Science of Character’