Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Security The Internet

Social Networking Sites Full of Security Holes 76

Posted by CmdrTaco from the 2.0-is-harder-than-1.0 dept.
athloi writes "Social networking Web sites such as MySpace.com are increasingly juicy targets for computer hackers, who are demonstrating a pair of vulnerabilities they claim expose sensitive personal information and could be exploited by online criminals."
This discussion has been archived. No new comments can be posted.

Social Networking Sites Full of Security Holes More

Social Networking Sites Full of Security Holes

Comments Filter:

  • Re:Hey...Wait a minute (Score:5, Informative)

    by SatanicPuppy ( 611928 ) * <SatanicpuppyNO@SPAMgmail.com> on Monday August 06, 2007 @03:25PM (#20133319) Journal
    Hey, you gotta give 'em credit for a quick turnaround on the openness issue...Only took 'em three hours (according to story submission time) to go from closed to too open.

    In the end it's hardly surprising. These sites aren't designed with security in mind, and they allow user code on the pages. Game over man, game over. Blah blah blah SSL, blah blah blah strong passwords, blah blah blah restrict user code...This stuff is all basic.

  • Re:Perhaps ran into one of these (Score:4, Informative)

    by SatanicPuppy ( 611928 ) * <SatanicpuppyNO@SPAMgmail.com> on Monday August 06, 2007 @03:34PM (#20133415) Journal
    It's almost always cookie cloning or password theft...That's the devil deal with Javascript, and allowing people to put their own widgets on their pages. Set up some XSS stuff [wikipedia.org], or just make a shiny widget and put in on your page and use it to snag cookie info.

    Not much you can do about it other than turn of javascript by default. It's pretty annoying actually...These vulnerablities have been known forever, but patching them would break a lot of code, so they stay open.

  • Myspace hole that's funny (Score:3, Informative)

    by British ( 51765 ) <british1500@gmail.com> on Monday August 06, 2007 @03:58PM (#20133727) Homepage Journal
    There's a feature where in Myspace you can set all your pictures to "private". But most idiots on myspace insist on having a myspace slide show on their profile page(along with 2000 other flash applets). Click on the picture in the slideshow, now you can see the album! Just use previous/next to navigate through them.

    Then there was the time I was on myspace, and a banner ad tried to send me a virus. You would think Myspace would be a bit more discretionary who it lets send banners over. Tsk tsk!

    Of course, not as fun as the images directory being left open on all angelfire pages. Some of those were fun to sort through, showing pictures not intended for the public(ie nudity, etc).

  • Try Deleting Your Facebook Account (Score:2, Informative)

    by kellyb9 ( 954229 ) on Monday August 06, 2007 @06:03PM (#20135183)
    I recall reading a story recently regarding this issue. From a girl's facebook account, researchers had enough information to steal her identity in 15 minutes. On a side note: I am not able to delete my facebook account. To fully delete it, I have to remove everything from my wall and every friend, I've ever had. Don't really want to do that. I can "disable" it. Personally, i would just like to be removed from their database. No seriously - i sent them the SQL statement that would probably take care of it. I fully detest facebook.

Slashdot Top Deals

The moon is made of green cheese. -- John Heywood

Close