Wifi and Browser vulnerability using hot spots???

[nooby]

I am too technically challenged to get the text but maybe somebody here can explain how it works and how to secure oneself if that is possible?

FaceNiff app for Android puts Facebook hacking in the palm of your hand (and we tell you how to avoid it)
http://www.gizmag.com/faceniff-session- ... app/18786/

FaceNiff is a new Android app that can be used to hijack sessions on public or private Wi-Fi networks without needing to lug around a laptop.

FaceNiff currently "supports" Facebook, Twitter, YouTube, Amazon and Nasza-Klasa (a Polish social network), though more services are promised. Thankfully, the app only works on a select few handsets and requires jailbreaking, so it's not a complete free-for-all just yet.

Regardless of exactly how many people are using these tools, you should be protecting yourself - waiting until you get hacked could be incredibly embarrassing or even costly. Facebook and Twitter both allow you to enable secure HTTP sessions as default, which renders tools like these useless.

Firesheep session hijacking tool makes public Wi-Fi useless
http://www.gizmag.com/firesheep-http-hi ... ool/16726/

In a post on his site Butler describes how Firesheep works. Once installed, Firesheep displays a sidebar with a “Start Capturing

[vickyg2003]

Unsecured wifi is very suseptible to being hacked. The vulnerability comes with the way credentials are handled. There are a couple types of hacks that can happen. The biggest vulnerablility is when you move from https to http and back.

When you enter login information, you should be in a https, while you are logged in, you should stay in an https site. You should log out.

So avoid doing business on unsecured wifi. If you must, if you can use a VPN. If not avoid any sites that move you from https to http or http to https automatically. If you have an HTTPS option for your bookmarks, use them.