Firefox plugins are handy, useful little nuggets of utility that expand the breadth of functionality for desktop users. But one of them (called Firesheep) took people to the dark side a few months ago, allowing laptop users to hijack the Facebook logins of others on the same Wi-Fi network — like those enjoying public hotspots.
Well, now Android users can get in on the same illicit action with FaceNiff, a new Android application that can “sniff” out and access the Facebook accounts of other users on the same open Wi-Fi network with a single tap of the finger. What’s really disconcerting here is that a big bulky laptop isn’t even necessary. Anyone with an Android phone or tablet (which are pretty ubiquitous) is capable of this techno-hijacking.
So be warned that FaceNiff has hit the masses. And to protect your Facebook account, be sure to enable HTTPS or, for Firefox, try the HTTPS Everywhere extension. (For even more security, you can set up an SSH tunnel and SOCKS proxy for your computer or Android device.) And if you can, try to avoid open networks. After all, a little precaution can go a long way.