Welcome to another of the many reasons I don't use things like Facebook. They are almost never designed with security in mind.
While that Firefox extension is a good one, you can generally achieve the same thing by changing the "http:" in a URL to "https:". Just look for the lock symbol to make sure you're actually using HTTPS.
It's not really a Facebook problem, per se. The security issue is that FireSheep steals your login cookies; some sites allow login to happen in http mode. For sure try to force the login to switch to https. Any way possible!
Welcome to another of the many reasons I don't use things like Facebook. They are almost never designed with security in mind.
ReplyDeleteWhile that Firefox extension is a good one, you can generally achieve the same thing by changing the "http:" in a URL to "https:". Just look for the lock symbol to make sure you're actually using HTTPS.
It's not really a
ReplyDeleteFacebook problem, per se. The security issue is that FireSheep steals your login cookies; some sites allow login to happen in http mode. For sure try to force the login to switch to https. Any way possible!