Wednesday, November 25, 2009

Recent Risks on Internet

1. URL shorten service.
Hidden of advertisements or even worse, malicious websites.
Lost of service if the URL shorten service provider is down or hacked.

2. Websites, especially SNS, request user to provide email login and password in order to add friends.
Do they really need your password to just get a list of your friends?
Even the websites requesting your credentials are trustworthy, you are still at risk. For example, some website can add your friends on MSN or Gtak by requesting your logins and passwords, but your credentials are transferred in plain HTML to them. This means sniffers can get your passwords with ease.
There is no reason to request your password while other methods like oauth are available.