Facebook redesign has hidden the “send update to fans” link on your facebook page. Also: it’s changed how your fans find your updates. Not great news there.
[ UPDATE: Facebook has reversed itself and fixed this vulnerability ]
The Register’s Dan Goodin has the scoop on an obvious security vulnerability that’s being ignored by the powers at Facebook.
The issue, as demonstrated by this proof-of-concept, shows how a social network application can be rigged to hijack a Facebook user’s session identification cookies, deliver pop-up messages or change the color of Facebook pages. Continue reading “[now fixed] Facebook refuses to fix obvious security flaw”
This is mostly a geek-read, so let me sum it up for you. The more apps you add to facebook and myspace, the less safe you are. Don’t add people you don’t know well (ouch, log in my own eye) and use unique passwords for each account. This or this may help.
“A quick (and very much incomplete) hall of shame here includes MySpace, LiveJournal, and Hi5, all of which we’re surprised haven’t sunk into the East Bay under the weight of their own pwnability.”