Faceniff Allows You to HiJack Unencrypted Facebook, Twitter & YouTube Logins [Video]


Not that we condone this sort of stuff or anything, but since it already seems to be taking the blogosphere by storm we might as well report it. A developer created Faceniff, an Android application that’ll allow you to login to someone’s Twitter, Facebook and YouTube accounts if they login on shared WiFi networks without SSL encryption. The video above demonstrates the disturbing functionality.

We don’t even want to dig deep into how it works, and we’re feeling a little guilty putting a spotlight on this app, but perhaps this’ll encourage folks to use HTTPS from now on. You’ll need to be rooted and you can’t find it in the Android market. In fact, I think I’ll just leave anyone interested to find it for themselves. [via Mashable]

Exit mobile version