News: Facebook Private Photos

When I checked TechMeme this morning (yesterday evening was rather busy), I discovered a reminder that even a large site like Facebook is susceptible to the sort of query string problems I’ve discussed previously. Kudos to those who found the hole, and to Facebook for apparently fixing it quickly once it received wide attention.

A commenter on ReadWriteWeb, however, pointed out that the hack appeared even before this month – though I’m not positive this is the same hack that the AP referenced. Either way, this news story serves as another reminder for developers to check their query string inputs.

eBay announces Facebook integration, PayPal Access; latter gives "commerce identity," uses one-time password for sites: http://t.co/fILSRPFo
about 4 hours ago from web
CSRF's not a big deal, right? It could never be as serious as, say, code execution. Right? Wrong: http://t.co/hzsWDX3T (PDF via @superevr)
about 4 hours ago from web
Rant on products and platforms by a Google engineer accidentally posted publicly; mentions accessibility vs. security: http://t.co/eLtdhYIu
about 5 hours ago from web
Really interesting article from Echo Nest co-founder on music identification in Facebook; shows semantic web challenges http://t.co/0PfW85db
08:57:22 PM October 11, 2011 from web
I hadn't watched any demos of Siri until this one - looks pretty awesome! http://t.co/KEhdAsLi (via @flyosity)
07:38:35 PM October 11, 2011 from web

News: Facebook Private Photos

Leave a Reply

Further Updates from Twitter

Search Archives

Facebook Page

Content License

Post Archives