Tag Archives: social engineering

Reddit

I’ve only just discovered Reddit.
What rock have I been hiding underneath?

I knew of Reddit – I had just never been on and actually looked at what it does. It’s social media but it feels more purposeful and direct. You can just search for a Topic, e.g. “Security” then instantly see what the world is talking about regarding Information Security.

Here are some of the articles I’ve found and digested in the last two days of using Reddit, check them out they are quite interesting:

I dared two expert hackers to destroy my life. Here’s what happened.
White Hat Hackers Hit 12 American Hospitals To Prove Patient Life ‘Extremely Vulnerable’
Mint Web Site Hacked and ISOs replaced with Backdoored OS
Airport Experiment Shows That People Recklessly Connect to Any Open WiFi Hotspot

Anyway, you probably already knew that as I am the last person on Earth (it seems) to dive into Reddit.

Facebook Apps

Before doing Facebook linked quizzes and meme makers, etc. you may notice they tell you they will require to take your email address, friends list, date of birth, sometimes more from your profile. You are required to accept to continue, after this point it doesn’t matter how locked down your facebook profile is.

Ask yourself why they need this and are you prepared to accept for them to have these details in order for you to do that quiz or “whatami” generators.

Your details will probably be wholesale sold for the purpose of advertisement but could quite easily end up in unscrupulous hands, especially if one of these hands or “organisations” creates a quiz page as honey pot.

Once in the app they sometimes ask more questions like “what is your favourite colour” or “what was the name of your first pet” in the pretence it will help generate a better match for you. These are just example password reset questions.

The details these apps ask you would allow access to some online shopping accounts and getting even more details from your profile on there such as address or last 4 digits of bank card could enable ID fraud.

I clicked on a couple of the Quizzes people are doing today on Facebook and found the following, why do they need this?