Jump to content

How to encrypt myspace.com usernames and passwords?


Recommended Posts

Posted

I've recently created a profile at myspace.com and noticed usernames and passwordsa are transmitted in clear text. Is there any way to conceal or encrypt my credentials from possible sniffers?

Posted

Nope:

wget https://myspace.com/

--00:53:11-- https://myspace.com/

=> `index.html'

Resolving myspace.com... 216.178.32.50, 216.178.32.48, 216.178.32.52, ...

Connecting to myspace.com|216.178.32.50|:443... failed: Connection refused.

Connecting to myspace.com|216.178.32.48|:443... failed: Connection refused.

Connecting to myspace.com|216.178.32.52|:443... failed: Connection refused.

Connecting to myspace.com|216.178.32.137|:443... failed: Connection refused.

Connecting to myspace.com|216.178.32.49|:443... failed: Connection refused.

Connecting to myspace.com|216.178.32.51|:443... failed: Connection refused.

Posted

(New post to make clarity understood)

You could VPN out to a remote computer (i.e. Proxy server), the user name and password (along with every thing else) would be completely unreadable, but that only lasts until the connection leaves the remote host. So while some one sniffing your connection won't be able to see it, any one sniffing your remote hosts connection will.

Posted

Very interesting! Not exactly practical though.

I need to do more research on this but I wonder if it's possible to wrap the packets up in some sort of encryption for transmission then unencrypt itself once it senses the syn/ack during the 3 way handshake with the server.

(New post to make clarity understood)

You could VPN out to a remote computer (i.e. Proxy server), the user name and password (along with every thing else) would be completely unreadable, but that only lasts until the connection leaves the remote host. So while some one sniffing your connection won't be able to see it, any one sniffing your remote hosts connection will.

Posted
I need to do more research on this but I wonder if it's possible to wrap the packets up in some sort of encryption for transmission then unencrypt itself once it senses the syn/ack during the 3 way handshake with the server.

No... for he connection to be encrypted the server has to initiate the encryption. If you send a web server encrypted http packets, the server will egnor them and posably flag them as possible hack attempt.

Clearly the owners of myspace don't like there users enough to give them the option of an encrypted connection, even if it's just for the login process. Really encryption should be used the whole time you are logged in, other wise you are open to a cookie thief.

This is why Darren should create a certificate him self and get Dreamhost to put it on this server ;)

Posted

I was replying to Sparda.

Besides, how many would? I know it's popular opinion that most people on MySpace are dumbasses, I won't give an opinion on that but idiots or otherwise they still might not know or care about encryption.

Edit: I've heard plenty of stories of people putting private info on MySpace saying "oh, I haven't got any personal info on the net, I only put it on myspace"... d'you think these people care about encryption?

Granted, that's not the only people that use MySpace but those people would certainly not care about encryption.

Posted
but idiots or otherwise they still might not know or care about encryption.

MIGHT not. I didn't say that everyone on MySpace is a braindead fuckwit, I just said that I personally don't know how many care. How many people have you heard complaining that MySpace isn't secure enough?

Sure, some will but most people don't want the technical details. They want MySpace to load, they don't care if this info is encrypted or not.

Posted

Now you're nit-picking... if you'd bothered trying to walk past that opportunity to start a flame war here you'd have realised what I actually meant:

There are MySpace users who;

Have no idea whatsoever about anything,

Are intelligent but don't necessarily follow internet security,

Are intelligent but do follow internet security but don't care,

Are intelligent, follow internet security and want their passwords encrypted.

Now, where do people think most MySpace users fall in that list?

Bear in mind that only 1/4 of the catergories in this list account for the people who would require the answer this post is here to get.

There are enough people yelling "mY$p4C3 5uXX0rZ!!" to be able to guage the general opinion of people here about the service. I know this does not account for everybody but come on, there's no need to start mudslinging over this.

Posted
Now you're nit-picking... if you'd bothered trying to walk past that opportunity to start a flame war here you'd have realised what I actually meant:

There are MySpace users who;

Have no idea whatsoever about anything,

Are intelligent but don't necessarily follow internet security,

Are intelligent but do follow internet security but don't care,

Are intelligent, follow internet security and want their passwords encrypted.

Now, where do people think most MySpace users fall in that list?

Bear in mind that only 1/4 of the catergories in this list account for the people who would require the answer this post is here to get.

There are enough people yelling "mY$p4C3 5uXX0rZ!!" to be able to guage the general opinion of people here about the service. I know this does not account for everybody but come on, there's no need to start mudslinging over this.

Right... and the majority of series of tubes users knows a shitload about encryption and internet security? :roll:

Posted

the way i see it is myspace =gay, anyone that uses myspace =gay, there for you must be gay :roll:

Posted

Here's an interesting way to do it from a friend's suggestion;

1. Set up a shell account on a trusted server

2. Download Putty {assuming it's Windoze for you}

http://www.chiark.greenend.org.uk/~sgtatham/putty/

3. Set up a Putty profile that will dynamically forward a

given port - let's say localhost:1337, save the session, and

open it.

4. Download FoxyProxy, for Firefox:

http://foxyproxy.mozdev.org/faq.html

5. Configure FoxyProxy to use a SOCKS 5 proxy for Myspace

and whatever other websites you desire. It sounds more

complex than it is.

6. Surf.

Posted
How many MySpace users know what encryption is?

How many would know how to use it?

How many care?

if people cared about anything, myspace would be dead,...for about 3542 reasons.... stupid emos.

Posted
Dude if I asked for a phone number and got a Myspace URL I might have to hurt someone.

Likewise, that would make we mant to really, really hurt something.

Posted
Dude if I asked for a phone number and got a Myspace URL I might have to hurt someone.

Likewise, that would make we mant to really, really hurt something.

yeah and basically myspace is just the follow up of look n meet (almost as bad ... same principal but a lot older ...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...