— If you remember the privacy fiasco that Firesheep caused just months ago by allowing laptop-toting pranksters to hijack the Facebook accounts of unwitting public Wi-Fi users, then you’ll know the sort of tom-foolery that’s about to ensue now that FaceNiff exists. The app allows Android phones to sniff out and use Facebook accounts of other users on the same open wireless network with a single tap of the finger. This time, however, there’s no bulky laptop involved, making the deed easier to perpetrate than ever before.
If you haven’t done so yet, be sure to take steps to protect your account from attacks like this by enabling HTTPS for your Facebook account, or using a Firefox add-on like HTTPS Everywhere. If you want even more secure connections, consider setting up an SSH tunnel and SOCKS proxy for your laptop, or your Android phone. And, as always, try to avoid “open” Wi-Fi networks if at all possible. Asking for a password may be a bit of a hassle, but it’s well worth the encryption and security that comes with it.