Armed to the teeth with Kali Linux, any reasonably intelligent individual can execute a man-in-the-middle (MITM) attack against Facebook by sniffing packets and injecting packets into the stream.
This is of concern when on public wireless networks, or public local area networks.
Read the documentation here.
Protect yourself by running a desktop client like Adium, and encrypting your chats.
In Adium, go to the File – Facebook – Edit account – Privacy tab, then change Encryption to “Encrypt Chats Automatically”.
Sadly, although this is a step forward, it’s still not a solution. If and when you have Facebook open, either in a current session or by starting one, your chats will be populated with your Adium activity, thus reversing the “encryption”.
So, to prevent accidentally sending insecure information back into your browser, disable Facebook Chat!
Log into your account and click Chat – Options – Offline.
This is a step forward, but the fact remains that most will use the Facebook website for its convenience (no desktop client required) and accessibility – and consequently be vulnerable to attack. Never ever ever send passwords, credit card numbers, social security numbers, or anything that you wouldn’t want a stranger in the street to find in your trash over Facebook chat. You have been warned.