Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Stealing my POST data

Okay, this is probably quite basic, but the implications are important to me in this phase of development. I am thankful for any input and discussion.

The data in this example are not protected using SSL encryption.


page1.php/asp contains a form which POSTs the variables username and password to page2.php/asp.


  • Can ANYONE from ANYWHERE intercept my POST data just by listening for it, perhaps with some third party software like Firesheep?

If the above question renders TRUE:

  • Should I always consider my unencrypted POST data freely available for anyone?
  • Are the standard login form on my site just a ploy to depict a layer of security that's not even there?
  • Should I then consider the login feature just as a way for me to personalize the user experience?
  • Does it make sense to encourage the user NOT to use his or her normal (assumed safer) password, since it won't be protected during their registration and login procedures?

I ponder these issues, I appreciate any input and feedback.

like image 752
Mattis Avatar asked May 16 '11 10:05

Mattis


People also ask

What does it mean when someone steals your data?

Data Breaches A data breach is an incident that exposes confidential or protected information. A data breach might involve the loss or theft of your Social Security number, bank account or credit card numbers, personal health information, passwords or email.

How do hackers steal your data?

Just like any thief, a hacker will choose the most vulnerable targets they can find. But instead of using lock picks to steal from your home or business, they use software to steal your personal data. Hackers will often try to glean information such as credit card numbers or bank account information.

How data can be stolen?

Compromised downloads An individual might download programs or data from compromised websites infected by viruses like worms or malware. This gives criminals unauthorized access to their devices, allowing them to steal data.


2 Answers

When the user submits the login form through unencrypted HTTP, their data gets sent to your server by traveling through a series of routes. At any one of these routes, yes, someone could sniff the data. Also if the user's machine was infected, the hacker could sniff the data locally.

If it's a login form you should be using SSL, period. Also make sure the user's password is encrypted in your database. The process for logging in should be:

  1. User submits login via HTTPS with username and password
  2. Server takes password and applies a hashing algorithm to it, generally using MD5, though something strong like SHA256 is recommended
  3. Server compares encrypted value to encrypted value in the database

That way, if your database is ever hacked, the passwords are very VERY difficult to figure out (unless they used something basic like 'password', but that's their fault at that point).

Does it make sense to encourage the user NOT to use his or her normal (assumed safer) password, since it won't be protected?

You'll be driving users away.

like image 119
onteria_ Avatar answered Sep 19 '22 05:09

onteria_


Can ANYONE from ANYWHERE intercept my POST data just by listening for it, perhaps with some third party software like Firesheep?

No, the traffic has to pass near them.

If the above question renders TRUE:

It doesn't, but even so.

Should I always consider my unencrypted POST data freely available for anyone?

Unless it only travels across a LAN, then yes. If it does only travel across a LAN then add the qualifier "on that LAN" and the answer will be yes.

Are the standard login form on my site just a ploy to depict a layer of security that's not even there?

No

Should I then consider the login feature just as a way for me to personalize the user experience?

Certainly you shouldn't do anything serious without encryption.

Does it make sense to encourage the user NOT to use his or her normal (assumed safer) password, since it won't be protected during their registration and login procedures?

It would make sense to do so for any system. Even if the communication was secure, your server could be compromised in the future, or a third party system could be and then the data there used to attack your system.

like image 36
Quentin Avatar answered Sep 21 '22 05:09

Quentin