[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Facebook insecure by design

Subject: Facebook insecure by design
From: mike at mtcc.com (Michael Thomas)
Date: Sun, 02 Oct 2011 08:38:36 -0700
In-reply-to: <[email protected]>
References: <[email protected]>

William Allen Simpson wrote:
> In accord with the recent thread, "facebook spying on us?"
> 
> We should also worry about other spying on us.  Without
> some sort of rudimentary security, all that personally
> identifiable information is exposed on our ISP networks,
> over WiFi, etc.
> 
> Facebook claims to be able to run over TLS connections.
> Not so much (see attached picture).
> 
> This wasn't an "app", this is the simple default content of a
> page accessed after a Google search.
> 

I'm not sure why lack of TLS is considered to be problem with Facebook.
The man in the middle is the other side of the connection, tls or otherwise.

Mike

Follow-Ups:
- Facebook insecure by design
  - From: mysidia at gmail.com (Jimmy Hess)
- Facebook insecure by design
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)

Prev by Date: facebook spying on us?
Next by Date: Facebook insecure by design
Previous by thread: Cisco 7600 PFC3B(XL) and IPv6 packets with fragmentation header
Next by thread: Facebook insecure by design
Index(es):
- Date
- Thread