Thursday, April 9, 2009


Well, it has been a fascinating overnight tryst with the UGLY security of Orkut and the way it manages cookies. If your About Me has been changed to junk/vulgar links for Jotika Sex Chat or Portuguese Sex Chats, then this is the place you are looking for to secure your account. I'll tell you how they are hacking accounts so that you understand why the solution works.


Cookies are stored on your computer when you log on to Orkut. But why? Suppose you are navigating from one page to another: Orkut has no way to tell whether that navigation is secure unless you give it the password. But giving a password every time would be cumbersome. To avoid that, Orkut saves a certificate on your computer in the form of a cookie, which says that if a request has the cookie information attached (as it is local information, only the owner has it right now) then the navigation is secure.

Are cookies permanent? NO

Cookies have a lifetime which defaults to Session, i.e. as soon as you log out your cookie is destroyed. Orkut specifically uses the Session lifetime.

So when you log in again, a new cookie is assigned. Have a look at the screenshot of the cookie information...

How are they hacking it? If you click a malicious link while you have the cookie stored, you are done!

The cookie is sent over the net to the hacker, who edits his own cookie with your information. As long as you don't log out, the cookie stays good and the hacker can do whatever he likes with your account :P. The links they are putting on hacked profiles are malicious, so if you click them you'll be badly compromised.


Those who didn't get hacked: don't click any malicious link or hacked-profile links! A further precaution is to log out after each use and not leave the account idle and open to exploits.

Those who got hacked, do the following:

1. Change the pic, About Me, your sex, orientation and whatnot :P
2. Remove the malicious communities from the account, and look out for malicious friends!
3. Log out immediately. Actually, as you go to the community to remove it, they'll get your cookie! It takes time to process it, 5-10 minutes at least, so make your changes and log out. The cookie will be destroyed.
4. Obviously the "non-hacked users" rules apply :P
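
Why logging out makes a copied cookie useless, as an added example (not Orkut's code and not part of the original post): a minimal server-side session table in Python. `SessionStore`, `IDLE_LIMIT`, the idle timeout itself and the user name are assumptions made for illustration, and the idle expiry goes one step beyond what the post describes.

```python
import secrets
import time

IDLE_LIMIT = 600  # seconds; hypothetical idle timeout, not a value from the post


class SessionStore:
    """Hypothetical server-side session table keyed by the cookie value."""

    def __init__(self, clock=time.monotonic):
        self._sessions = {}   # cookie value -> [user, last_seen]
        self._clock = clock

    def login(self, user):
        # A fresh, unguessable cookie value is issued at every login.
        cookie = secrets.token_urlsafe(32)
        self._sessions[cookie] = [user, self._clock()]
        return cookie

    def authenticate(self, cookie):
        """Return the user a request's cookie maps to, or None."""
        entry = self._sessions.get(cookie)
        if entry is None:
            return None
        user, last_seen = entry
        if self._clock() - last_seen > IDLE_LIMIT:
            del self._sessions[cookie]      # idle session expires server-side
            return None
        entry[1] = self._clock()
        return user

    def logout(self, cookie):
        # Deleting the server-side record invalidates every copy of the value.
        self._sessions.pop(cookie, None)


def demo():
    now = [0.0]                                  # controllable clock for the demo
    store = SessionStore(clock=lambda: now[0])
    owner_cookie = store.login("alice")          # constructed sample user
    copied_cookie = owner_cookie                 # same value held by someone else
    before = store.authenticate(copied_cookie)   # copy accepted while session lives
    store.logout(owner_cookie)
    after = store.authenticate(copied_cookie)    # copy rejected after logout
    fresh = store.login("alice")
    now[0] += IDLE_LIMIT + 1
    expired = store.authenticate(fresh)          # idle session rejected too
    return before, after, fresh != owner_cookie, expired
```

Calling `demo()` shows the copied value being accepted before logout and rejected afterwards, which is why step 3 works only if the server forgets the session rather than just the browser deleting its cookie.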

Happy Orkutting, Chirkutting ;)
