HTTP vs. HTTPS.... (at last!)
While on Facebook, look at your URL address; if you see http: instead of https: then you don't have a secure session and you can be snooped on.
Go to Account|Account Settings|Account Security and click Change.
Check at least the first setting; FB defaults to the non-secure setting.
Also - change your bookmarks to https://www.facebook.com to login securely (this has been available for ages)
Note - this does not mean FB are being any more on the level with data that they harvest from you, it just means the sessions themselves are now encrypted (most of the time - its not 100 percent given the wording they use)
Copy and repost