I sincerely hope that this post of mine is seen in a positive light and not considered as my attempt at invading your privacy. I have just gotten out of Pakistan’s biggest Social Media Summit yet, and during the summit, I was able to – while using a simple Android application – hijack browser sessions of tens of top Pakistani bloggers / tweeples.

I didn’t do this in order to blackmail them or anything; I didn’t alter anything in their accounts, nor did I look into them. Instead, I just performed the hacking bit so that I could get a point across. You are the opinion makers of Pakistan’s blogosphere; people follow your examples in word and in action. Hence, it is of utmost importance that you show them the basic practices which can keep one’s Social Media experience relatively hassle free.

Following are some of the people whose browser sessions I was able to hijack during the course of the day. After the break, I’ll describe exactly how you can overcome this security issue.

For Twitter:

Click ‘Settings’
Go to the very end of the page
‘Check’ Always use HTTPS.

For Facebook:

Click Account Settings
Click on Account Security
‘Check’ Browse Facebook on a Secure Connection (https)

  • Thank you very much SAAD. Really appreciate this.

  • Mahamirfan-

     do u realise u won’t be able to hijack accounts any more after this!=P

  • i started thinking that you are nowadays more into defense / social media
    activist thingi… but i was wrong you are still loyal to WCCFtech :P i guess old habits die hard

  • Transport layer security and a private VPN can prevent cookie hijacking and more. I use Witopia.net, which has some TLS hubs in US. They have a hub in Delhi that provides faster access (for cricket etc) than going through the cloud.

  • Anonymous

    I applaud you Saad! HTTPS browsing is a must over WiFi networks! Excellent work!

  • F7_star@yahoo.com

    Thx it’s really good well done:)

  • Sahar Mlk

    I altered it as soon as you tweeted “convert to SSL”. Thanks a bunch.

  • Thanks.