Slashdot Mirror

← Back to Stories (view on slashdot.org)

Social Networking Sites Full of Security Holes

Posted by CmdrTaco on from the 2.0-is-harder-than-1.0 dept.

athloi writes "Social networking Web sites such as MySpace.com are increasingly juicy targets for computer hackers, who are demonstrating a pair of vulnerabilities they claim expose sensitive personal information and could be exploited by online criminals."

6 of 76 comments (clear)

  1. I'd say the real threat isn't holes, but ho's by elrous0 · · Score: 5, Insightful

    It wasn't a security hole that allowed someone to blackmail Miss New Jersey. The real danger of these networking sites are dumbasses who post embarassing pictures and blogs about themselves IN THE OPEN, not anything a hacker needs to dig for.

    --
    SJW: Someone who has run out of real oppression, and has to fake it.
    1. Re:I'd say the real threat isn't holes, but ho's by Spy+der+Mann · · Score: 3, Insightful

      Yes, but assume that some sites DO implement security features like only allowing your data to be shown to your "buddies". What happens when these security measures get broken?

      The other day i could watch a demonstration of a XSS attack on meebo due to lack of server-side validation.

      Now add a little AI / data mining to this:

      (New entry, mo/day/yr) "Here's a picture of me and my daughter Jessica playing on the NN. park" -> AI -> name: Jessica. Picture: (insert here). Last seen on: MMDDYY. Location: NN. Park.

      There! You could make a database of potential victims for threats, blackmailing, and what not. The only thing that makes me feel safe is that such AI data mining technology hasn't been developed... yet.

      As a rule of thumb, follow Murphy's law: What can go wrong, WILL go wrong (remember the recent SSN leaks?) Unless social networking sites have been PUBLICLY certified as having greater security than Fort Knox, stay away.

  2. A Net is a Bunch of Holes Sewn Together by Doc+Ruby · · Score: 3, Insightful

    Is giving your personal data to a company that sells it to spammers or anyone else with a buck when they start going bankrupt a "security hole"?

    --

    --
    make install -not war

  3. i wouldn't be surprised by sleekware · · Score: 5, Insightful

    i wouldn't be surprised to find out that most of the hacked accounts had passwords that were something that was listed under the favorite things on a user's profile.

  4. No SSL by jerbenn · · Score: 3, Insightful

    How can anyone expect to keep their myspace login credentials private when they don't even have the login page SSL'd? Those bunch of retards!

  5. Stereotyping? by Andy+Dodd · · Score: 4, Insightful

    "Yet another MySpace security hole" somehow translates to "All social networking sites are full of holes"?

    Just a LITTLE bit of stereotyping in the article title I think?

    --
    retrorocket.o not found, launch anyway?