Shanktified!

The personal thoughts, opinions and typos of Ron Shank

[now fixed] Facebook refuses to fix obvious security flaw

by 1 Comment

[ UPDATE:  Facebook has reversed itself and fixed this vulnerability ]

ZDNet.com reports:

The Register’s Dan Goodin has the scoop on an obvious security vulnerability that’s being ignored by the powers at Facebook.

The issue, as demonstrated by this proof-of-concept, shows how a social network application can be rigged to hijack a Facebook user’s session identification cookies, deliver pop-up messages or change the color of Facebook pages.  [Read more…] about [now fixed] Facebook refuses to fix obvious security flaw

The ugly truth: Satan, social networks and security

by Leave a Comment

This is mostly a geek-read, so let me sum it up for you.  The more apps you add to facebook and myspace, the less safe you are.  Don’t add people you don’t know well (ouch, log in my own eye) and use unique passwords for each account. This or this may help.

“A quick (and very much incomplete) hall of shame here includes MySpace, LiveJournal, and Hi5, all of which we’re surprised haven’t sunk into the East Bay under the weight of their own pwnability.”

More here >> The ugly truth: Satan, social networks and security.