Comments on: Social Security 101: Query Strings http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/ Checking the security and privacy of social networking applications, white hat style... Sun, 14 Mar 2010 04:32:43 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Who and Where are those early Facebook people? « Traveling Bits and Bytes http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/comment-page-1/#comment-1076 Who and Where are those early Facebook people? « Traveling Bits and Bytes Mon, 15 Dec 2008 17:32:16 +0000 http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/#comment-1076 [...] here’s an article that discusses the security hole caused by this (i think, i just scanned it). Posted by [...] [...] here’s an article that discusses the security hole caused by this (i think, i just scanned it). Posted by [...]

]]> By: Social Hacking » Blog Archive » Social Me Still Too Social http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/comment-page-1/#comment-310 Social Hacking » Blog Archive » Social Me Still Too Social Wed, 16 Jul 2008 19:27:11 +0000 http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/#comment-310 [...] And it’s not even a POST request - I just enter a certain URL in my browser with a few query strings modified accordingly.  The server does nothing to validate who is making the request.  It reminds [...] [...] And it’s not even a POST request – I just enter a certain URL in my browser with a few query strings modified accordingly.  The server does nothing to validate who is making the request.  It reminds [...]

]]> By: Social Hacking » Blog Archive » Social Security 102: Client-Side Code http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/comment-page-1/#comment-87 Social Hacking » Blog Archive » Social Security 102: Client-Side Code Mon, 11 Feb 2008 16:44:30 +0000 http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/#comment-87 [...] Second in a series.  First post: Query Strings [...] [...] Second in a series.  First post: Query Strings [...]

]]> By: Social Hacking » Blog Archive » Facebook Application History Pages http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/comment-page-1/#comment-84 Social Hacking » Blog Archive » Facebook Application History Pages Mon, 04 Feb 2008 08:14:02 +0000 http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/#comment-84 [...] thought I would go ahead and do a combined post about an issue I keep encountering.  In my post on query strings, I noted that applications with some sort of history page are susceptible to a privacy problem if [...] [...] thought I would go ahead and do a combined post about an issue I keep encountering.  In my post on query strings, I noted that applications with some sort of history page are susceptible to a privacy problem if [...]

]]> By: Inside Facebook » Many Facebook apps lack simple security checks http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/comment-page-1/#comment-81 Inside Facebook » Many Facebook apps lack simple security checks Sun, 03 Feb 2008 09:30:56 +0000 http://theharmonyguy.com/2008/02/01/social-application-security-101-query-strings/#comment-81 [...] hacker” theharmonyguy, who has identified security lapses in some of the most widely used Facebook and OpenSocial [...] [...] hacker” theharmonyguy, who has identified security lapses in some of the most widely used Facebook and OpenSocial [...]

]]>