Posted by theharmonyguy | 10 comments
Introducing Social Hacking’s New Look—and Myself
I’m happy to make several announcements today. First, I’ve long felt this blog had a rather staid design that needed upgrading. Over the last several weeks, I’ve worked on putting together the new look you now see at theharmonyguy.com. I went ahead and brought the theme live, but I still plan on making further adjustments to the code, so I’d ask for patience as the site develops. Thanks to Elegant Themes for providing...
Posted by theharmonyguy | 10 comments
Using Google Buzz Can Expose Your Gmail Address
I’ve discovered another trick that may surprise some, this time relating to Google’s services. I don’t view the issue as a vulnerability, but it likely goes against user privacy expectations. In short, having a public Google profile (which you might have created when checking out Google Buzz) can allow others to figure out your Gmail address. This really shouldn’t be that surprising, given that your username is generally...
Posted by theharmonyguy | 4 comments
Facebook’s Fluid Definition of Publicly Available Information
In yet another example of security through obscurity, Facebook modified their platform last July to prevent applications from accessing public photo albums for users that were not friends of the logged-in user. Facebook had previously said such applications did not violate the site’s privacy policy, since the behavior followed photo album privacy settings – applications could only load albums marked as visible to...
Posted by theharmonyguy | 3
Cross-Site Scripting Pop Quiz
You have ten seconds to spot the problem in the image below. Ready? Go! I...
Posted by theharmonyguy | 4
Why I Think the iPad Will Succeed
If you’re sick of iPad stories, forgive me for bringing it up and ignore...
Posted by theharmonyguy | 3
In Defense of Walled Gardens
It’s easy to assume that when it comes to data and software development,...
Posted by theharmonyguy | 1
Facebook Applications are Now Even More ...
I’ve demonstrated countless times over the past year that cross-site...

