Social Hacking | Checking the security and privacy of social networking applications, white hat style...

Jan. 23, 2010

In Defense of Walled Gardens

It’s easy to assume that when it comes to data and software development, “open” is always better than “closed.” We’ve seen an explosion of open source software, praised companies for supporting open standards, and breathlessly tracked products with “open” in their name, from OpenID to OpenSocial. “Closed” has become the scarlet letter of the Internet, at times expressed by the censure...

Keep Reading

Jan. 21, 2010

Posted by theharmonyguy | 1 comment

Facebook Applications are Now Even More Valuable Hacking Targets

I’ve demonstrated countless times over the past year that cross-site scripting vulnerabilities in Facebook applications can be exploited to make Facebook API requests on behalf of the application. This type of attack, which I called a FAXX hack, enables one to not only post links to Facebook for viral effects but also harvest a wealth of information on victimized users along the way, such as name, date of birth, interests, family members,...

Keep Reading

Jan. 1, 2010

Posted by theharmonyguy | 16 comments

Backup or Export Your Facebook Account

Update This post has been superseded by “An Updated Guide to Backing up or Exporting Your Facebook.” Please refer to the new post for more current instructions and disregard the information below. Original Post Last update: 4 Jan 2010, 4:56PM EST Introduction Over the last several years, I’ve seen several technology analysts criticize Facebook for not giving users greater control over their data. Many have commented that while...

Keep Reading

Dec. 28, 2009

Posted by theharmonyguy | 3

10 Basic Concepts of Facebook Privacy

Your name, your profile picture, your gender, your current city, the networks...

Dec. 24, 2009

Posted by theharmonyguy | 19

Easily View Hidden Facebook Friend Lists

Amid all the festivities of the Christmas season, the time off from other...

Dec. 19, 2009

Posted by theharmonyguy | 3

Months Later, Old Facebook Privacy Probl...

I’ve tried. I’ve tried to give Facebook the benefit of the doubt....

Dec. 19, 2009

Posted by theharmonyguy | 2

Facebook Knows What You Did Last Summer

Pardon the creative title. In working on accessing Facebook photo albums...

« Older Entries

Next Entries »

"This data was not manually put on Infochimps by MySpace, but retrieved and packaged from their API by Infochimps and placed on our site."

Posted about 1 hour ago from web
My last post may be the longest I've ever written - basically, everything you ever wanted to know about exporting your Facebook data.

Posted about 3 hours ago from web
I'm getting the most random pingbacks on my clickjacking post... seems like some sort of attempted SEO trickery.

Posted about 3 hours ago from web
RT @JulesPolonetsky I am a (privacy respecting, arms length) groupie of danah boyd (@zephoria); she talks privacy at sxsw http://j.mp/czuCLI

Posted about 4 hours ago from web
New Post: An Updated Guide to Backing Up or Exporting Your Facebook Account http://bit.ly/95o2MW

Posted about 4 hours ago from web

In Defense of Walled Gardens

Facebook Applications are Now Even More Valuable Hacking Targets

Backup or Export Your Facebook Account

10 Basic Concepts of Facebook Privacy

Easily View Hidden Facebook Friend Lists

Months Later, Old Facebook Privacy Probl...

Facebook Knows What You Did Last Summer

Further Updates via Twitter

Search Archives

An Updated Guide to Backing Up or...

Facebook Adds Code for Clickjacki...

Introducing Social Hacking’...

Using Google Buzz Can Expose Your...

Honesty Box Hacked

Easily View Hidden Facebook Photo...

Content License