Mark Zuckerberg's Facebook Page Hacked

dinscott writes "An unknown hacker broke into the 26-year-old internet celebrity's Facebook account and posted a bizarre message calling upon the firm to adopt a social cause. More than 1800 people 'liked' the update before Facebook took down their CEO's page. Facebook has made no public statement about how the hack occurred, possibly to save their CEO from embarrassment."

In other news...

[Magada]

The new /. still sucks. Yeah, mod me offtopic. I'll take the karma hit for a good cause.

Re:In other news...

[drunkennewfiemidget]

WTF. I just came to /. for the first time since the update. If anyone mods you down, it's unreasonable. This really is shit. What a convoluted mess.

Re:In other news...

Hey, I got here from Googling my idol and my favorite site, Facebook.

This is sooo great here, ya know! It looks so kewl here! Can I make you my friend? I could use some of these karma hits you talk about myself. My life has been pretty sucky ....

Hey, this Slash Dot site is pretty good? Where's the Sash dot button on Facebook? .... My buddy theodore saw my face on Starbaucks ad! Isn't that kewl! This is rock'in! I think I'll put this page on my wall.

--Biffy

Re:In other news...

[derGoldstein]

I'm waiting for the "What do you think of the redesign?" poll. There are multiple scenarios in which /. simply became unusable.
Oh, and by all means mod me down too. If nobody criticizes, nothing will change.

Re:In other news...

[commodore6502]

Dear moderators:

If you strike me down I shall become more powerful than you can possibly imagine. (i.e. I'll create a third commodoreXXX account and just post the same message again. I will not be censored by governments nor corporations like slashfrak.) Like so:

Back to topic:

(1) Yes I'm sure the hacking of the CEO's account will make a few heads roll at today's meetings. "Why was this allowed to happen?" will be the shouted words while the managers trip over each other trying to fix the mess & do damage control so they don't get fired.

(2) This new interface sucks. First my classic, text-only settings have disappeared which slows donw loading a LOT. Second the Menus and "reply" buttons do not appear on Mozilla Seamonkey or Opera. I have to set the "mask as internet explorer" flag to trick slashdot into believing Mozilla/Opera are IE. Bogus.

Re:In other news...

[mehemiah]

you've been forced to preview for a while haven't u?

Re:In other news...

[Magada]

Hey... I just checked. The project log for slashcode on sourceforge is empty. The project seems unmaintained.

Re:In other news...

[Culture20]

(2) This new interface sucks. First my classic, text-only settings have disappeared which slows donw loading a LOT. Second the Menus and "reply" buttons do not appear on Mozilla Seamonkey or Opera. I have to set the "mask as internet explorer" flag to trick slashdot into believing Mozilla/Opera are IE. Bogus.

http://slashdot.org/users.pl?op=editcomm should help a little. You only get this link of javascript is turned off (and turning javascript off doesn't seem to help the D2 CPU hogging, BTW).

Re:In other news...

[JackieBrown]

It is offtopic and should be modded that way.

Here is the actual article discussion if you want to bitch on-topic.

http://meta.slashdot.org/story/11/01/25/163257/Slashdot-Launches-Re-Design

Re:In other news...

[Magada]

Think of it as burning karma for great justice. I'm sick of complaint departments that collect complaints and dump them and support e-mail addresses that don't support anything and free speech zones that aren't and generally of all the bullshit of manufacturing consent. I intend to be obnoxious in return.

Re:In other news...

[fishexe]

Think of it as burning karma for great justice.

The only things you're allowed to do for great justice are move 'ZIG' and take off every 'ZIG'. Even setting up someone the bomb is done in opposition to great justice, not for it.

Re:In other news...

[Magada]

Yes, yes. Think of my karma as "every ZIG". Then it will all make sense.

Re:In other news...

[mister_playboy]

(i.e. I'll create a third commodoreXXX account and just post the same message again. I will not be censored by governments nor corporations like slashfrak.)

MichealKristopeitXXX, is that you?

Re:In other news...

[morethanapapercert]

I have no mod points today or I'd give them to you. I don't like all the whitespace, slashdot hurts my eyes now. The cool green glow has been replaced with a bright white glare.

Re:In other news...

Please believe me when I say that I'm telling you this to help you.

You are a troll.

You may not think you are a troll, but you are.

This isn't censorship, this is suffering the consequences of being a troll.

Please, learn how to reign in the troll. You should find you don't need to keep creating alt accounts if you can manage that.

Re:In other news...

[similar_name]

Rather than vague complaints in comments of unrelated articles have you tried providing feedback to Slashdot? I see a lot of people complaining and thinking that because something is broken for them it is broken for everyone. I fail to see how your criticism would lead to change as you sight nothing specific. BTW this isn't just directed at you, but as soon as I saw the redesign my first thought was great, now all of the comments will be complaints about the redesign (before I formed my own opinion I dreaded these predictable comments). If something is broken report it with the browser and OS you are using. If you don't like a design change be specific. And tell them, I don't care.

Re:In other news...

Think of it as burning karma for great justice.

You, sir, are a modern-day Martin Luther King Jr. Our white knight in shining armor, fighting evil-incarnate - the New Slashdot design!

Get a life.

Re:In other news...

[Magada]

Irony and sarcasm really don't translate, do they?

Security

[HaZardman27]

Maybe he'll start taking privacy and security seriously now, but probably not.

Re:Security

[mysidia]

Perhaps, but probably only his privacy and security. He can't give up the advertising revenue; it's FB's lifeblood.

Re:Security

[commodore6502]

1) This new interface sucks. First my classic, text-only settings have disappeared which slows donw loading a LOT. Second the Menus and "reply" buttons do not appear on Mozilla Seamonkey or Opera. I have to set the "mask as internet explorer" flag to trick slashdot into believing Mozilla/Opera are IE. Bogus.

2) Back to topic:

Yes I'm sure the hacking of the CEO's account will make a few heads roll at today's meetings. "Why was this allowed to happen?" will be the shouted words while the managers trip over each other trying to fix the mess & do damage control so they don't get fired.

Re:Security

What does this have to do with privacy? Are you suggesting that if someone is able to successfully login into your Facebook page, including you, they should be unable to see any personal information? Might as well close down the site.

Re:Security

[Yvan256]

What do you mean? An African or European slashdot?

Re:Security

[cayenne8]

"What do you mean? An African or European slashdot?"

I assumed universal, bit if picking...American.

Geez, I can't find shit in here...and when trying to hit options (with firefox), looks like half the options aren't showing up...

Re:Security

[theaveng]

"He's a sellout."

Pretty much.
Like your signature, and it's sadly accurate: "My Dialup plan provides more data (13GB) than Verizon Wireless (5GB)." Or VirginMobile or Cricket or Sprint, also with 5GB caps. - A modern cellphone internet should not be providing LESS data than the old 56k plans.

Re:Security

I agree. ./ has never worked well in my versions of Chrome, and I just can't look at this new style. There's too much whitespace; it's too '2.0' looking. Never mind the terrible drop in quality of submissions and posts. Prolly time to stop coming here ... again.

Re:Security

[Yvan256]

That's nothing, wait until you try to view this reply from your user page!

All I had was HaZardman27's comment at the top then I had to click on all the replies to get to yours.

Slashdot is borked. Let's create our own Slashdot, with blackjack and hookers. In fact, forget Slashdot!

Re:Security

[IshmaelDS]

Only half your options aren't working? I click on options and my window goes dark for a second and them I'm back. No movement at all.

Re:Security

Just to be sure, you're talking about an unladen slashdot, right?

Re:Security

[Rockoon]

Perhaps you were already masking as FireFox?

Identify as Opera works perfectly with Opera.

Re:Security

Maybe if you stopped using Navigator 2.0 and accepted the fact that time and technology move forward (a seemingly depressingly difficult concept for nerds to grasp these days), this wouldn't be a problem for you.

Of course, you're probably the same sort of person who would analyze the old images on a byte-by-byte basis just to find a change and invent a reason to whine about it, so that probably wouldn't help you at all. "See? SEE?!? They DID change the compression method used on these images! The bytes are different! THE BYTES ARE DIFFERENT! What about the significant audience of people on 386es whose browsing experiences will be delayed by a WHOLE HALF SECOND because of this?!? HATE HATE HAET HAT"

Re:Security

[gnarfel]

There is no more unladen Slashdot.

Re:Security

Like your signature

I would certainly hope you like your own signature :P

Re:Security

[BitZtream]

The company I work at offers software as a service, we provide a email marketing add on ... think company wide letterhead for your email messages from individual users in a company to individual users elsewhere, not bulk/spam mail.

Of course we use the service our selves, duh, and as a developer worried about this exact sort of problem I can tell you that ... no one can change high profile users within our organization without direct access to the database server hosts themselves. Their information is more or less hard coded and immutable to everyone outside of myself and an envelope with password reset instructions should I get hit by a bus.

Is it a dirty hack? Yes, but it'll save face in most cases ... not all of course.

My point is that I can't imagine why someone like facebook wouldn't have done this to protect themselves.

Re:Security

[mysidia]

Is it a dirty hack? Yes, but it'll save face in most cases ... not all of course.

If an application server is compromised, or a hole is found in the application, it is possible that the attacker will change the code or produce an SQL injection that will change database server contents, without having direct access to the database server.

If you were really paranoid.... instead of "hard coding"; you would have a special corporate procedure for changing important pages, such as PGP signing of the correct page, and IDS that continuously monitors for any changes (in-line with page loads); and frequent scripts checking the page from another hardened server, and automatically sets off alarms and disables/blocks the high profile page with a generic temporary error message, if an unauthorized change to the pages in the database or anomolous redirect is detected, or the proper procedure was not followed.

Re:Security

[mysidia]

Unladen slashdot looks like this

The old design was fine and comfortable... I didn't see much a need for the visual redesign unless there was a technological/performance improvement basis for it.. "if it aint broke...... " But that's beside the point.

The breakage when trying to follow a 'replied comment' link from the messages page is annoying; having to re-expand and "guess" where the new reply is.

However, compared to Facebook's layout and privacy issues, I can't complain about the new redesign. At least it's still usable; that's kind of what counts the most, even though it is a good bit harder to use.

if zuckerberg went away for a while

and built up a few different anonymous networks of relationships incognito in Europe and Asia,

and came back, and realized "Shit. This network of Friends is totally useless for adding my new friends and lovers."

Then he would finally fix Facebook and make it appropriate for me to use. Until then, like all serious billionaires, celebrities, politicians, and just Renaissance men -- I'm holding out. Good luck, Mark.

Re:if zuckerberg went away for a while

[FredFredrickson]

That is the issue. It puts people who shouldn't know each other into one giant cesspool. Not all my friends are friends with each other.

Re:if zuckerberg went away for a while

it's even worse for people like me who were vegan activists but also were in the military. Come on.

Re:if zuckerberg went away for a while

I recently joined back up with Facebook after a friend of mine criticized me by pointing out you can't "make the internet better if you aren't using it like the people you want to 'help' are." Immediately after creating my account I saw things I didn't want to see. Who wants to sign on to a webpage and be shown pictures of dead friends and ex-girlfriends with it suggesting you be friends? Since then its only gotten worse. People I don't want to be friends with want to friend me which leaves the terrible choice of accepting them, causing other people to wonder why exactly it is that you are friends with this person, or ignore them and give them the satisfaction of knowing you still dislike them.

I'm very interested in contributing to Diaspora. Does anybody know if the culture is accepting of new people or any tips on how to get in to the dev community?

Re:if zuckerberg went away for a while

[vlm]

it's even worse for people like me who were vegan activists but also were in the military. Come on.

"Don't ask Don't Tell?"

Then there's the ex-girlfriends issue, the MCSE studygroup vs Linux club issue, the "friend both my parole officer and my dealer" issue.

Also I strongly dislike the binary "friend" / "notfriend" situation. Can't they at least make it a small range of integers? I was meaning to delete my account for awhile, the thing that made me do it was this burnout dude from over two decades ago whom I hung out with in study hall a couple times wanted to friend me, and I'm thinking, so this dude and my wife are supposedly on the same level, according to facebook's way of thinking?

P.S. I use "whom" in every post to offend certain people. If this does not apply to you, please disregard the whom and this postscript.

Re:if zuckerberg went away for a while

[vlm]

People I don't want to be friends with want to friend me which leaves the terrible choice of accepting them, causing other people to wonder why exactly it is that you are friends with this person, or ignore them and give them the satisfaction of knowing you still dislike them.

Even funnier is when they start comparing whom you accept and reject ... So the guy I sat next to in "diversity training" for four freaking hours is now annoyed at me for not accepting his friend, when he knows I friended his coworker who sent me exactly one work related email but I liked his sig line so he made the cut.

Even funnier when it spills over into work... I was not involved, but I heard of some pretty serious problems where some people would only friend coworkers or reject coworkers of certain racial ancestry, onsite in office behavior was professional but their facebook activities spilled over into work. (And I bet you're already assuming American White vs American Black but it was actually Indians vs Pakistanis, I am not involved but I understand they do not exactly get along)

Re:if zuckerberg went away for a while

[TheLink]

You can create friend lists and have people on that list get a very restricted view.

What I do is create an extremely restrictive list. Then if someone with a name I don't recognize (some random nick) and a profile photo I don't recognize (say some cartoon character) tries to add me as friend, and based on mutual friends it seems like I might know him, I can put him on the restrictive list first. Once I do that, since I am now his "friend" (and assuming he doesn't have "friends" default to restricted access) I can more easily figure out who he is, based on photos etc.

Of course there could be bugs, or FB could always change stuff.

Re:if zuckerberg went away for a while

[gislifb]

Concerning Diaspora. I signed up for an invite some 3 months ago and still nothing. So it seems they aren't sending out invites and if they are, they are doing it really slow.

Re:if zuckerberg went away for a while

People I don't want to be friends with want to friend me which leaves the terrible choice of accepting them, causing other people to wonder why exactly it is that you are friends with this person, or ignore them and give them the satisfaction of knowing you still dislike them.

What is this, highschool? If you're still that hung up on what people think about you and who you associate with, you have a bit of growing up left to do.

Re:if zuckerberg went away for a while

[RadioElectric]

Can't they at least make it a small range of integers? I was meaning to delete my account for awhile, the thing that made me do it was this burnout dude from over two decades ago whom I hung out with in study hall a couple times wanted to friend me, and I'm thinking, so this dude and my wife are supposedly on the same level, according to facebook's way of thinking?

This is troubling you because you are letting Facebook influence the way that you're thinking. It is not some official list for keeping track of what your relationships are with the people that you know. I'd actually find such a thing abhorrent. What it does let you do is let you communicate selectively with a pre-defined (by you!) group of people. Is there really much you'd want to communicate privately to your wife that you wouldn't say or do in-person anyway?

Re:if zuckerberg went away for a while

Ever broken up with somebody, dated another girl, then got back together with the first girl? Its generally significant others that have a problem with the contents of your Facebook page. Its difficult to be petty on behalf of somebody else when you think it would reflect poorly on you and you're half-hearted in the whole process. Keep in mind the purpose of the account was to explore the faults of social networks as they are now. Having said that, I am pretty anxious about social contact and don't like to offend people. I understand this means I still have some work to do, but that doesn't mean it isn't a problem with Facebook where a lot of the users are in fact in high school still.

Re:if zuckerberg went away for a while

[Culture20]

And you just added him to your Facebook "web of trust", so now everyone you know will also add him as a friend. A ton of people I went to highschool with friended a fake person on Facebook, and when I asked them about it, they said they did it because others apparently knew "her". It's just like pgp/gnupg's web of trust, except people don't check at all. There are several people who never defriended "her" after I pointed out this person was lying every step of the way.

Re:if zuckerberg went away for a while

[Culture20]

Who wants to sign on to a webpage and be shown pictures of dead friends and ex-girlfriends with it suggesting you be friends?

The ex-girlfriends I'm okay with (they usually try to friend right away), but the dead-friends thing is creepy. I wish a friend of mine would stop maintaining her sister's memorial page...

Re:if zuckerberg went away for a while

[story645]

You can use filters, groups, and security settings to manage the different types of friends (like livejournal), but the fine-graining is a total pain to enact retroactively if you've got more than a dozen or so friends.

Re:if zuckerberg went away for a while

[fishexe]

I was meaning to delete my account for awhile, the thing that made me do it was this burnout dude from over two decades ago whom I hung out with in study hall a couple times wanted to friend me, and I'm thinking, so this dude and my wife are supposedly on the same level, according to facebook's way of thinking?

They're not on the same level. Your wife gets to be in your friends list and your relationship status!

P.S. I use "whom" in every post to offend certain people. If this does not apply to you, please disregard the whom and this postscript.

It's all good 'cause you used it correctly.

Re:if zuckerberg went away for a while

[fishexe]

Can't they at least make it a small range of integers? I was meaning to delete my account for awhile, the thing that made me do it was this burnout dude from over two decades ago whom I hung out with in study hall a couple times wanted to friend me, and I'm thinking, so this dude and my wife are supposedly on the same level, according to facebook's way of thinking?

This is troubling you because you are letting Facebook influence the way that you're thinking. It is not some official list for keeping track of what your relationships are with the people that you know. I'd actually find such a thing abhorrent. What it does let you do is let you communicate selectively with a pre-defined (by you!) group of people. Is there really much you'd want to communicate privately to your wife that you wouldn't say or do in-person anyway?

Also, he didn't have to accept the burnout dude's friend request. Like you said, "pre-defined (by you!)". Nobody can force you to FB friend them.

Re:if zuckerberg went away for a while

[vlm]

This is troubling you because you are letting Facebook influence the way that you're thinking.

Well, yeah, thats kind of the point of "playing". If you don't want to play, you very well should take your ball and go home, as I did.

It is not some official list for keeping track of what your relationships are with the people that you know.

Thats open for debate. I think the majority hold the opposite opinion.

Re:if zuckerberg went away for a while

Even funnier is when they start comparing whom you accept and reject ...

It's who, not whom.

I'm still pissed ...

[KillaBeave]

... that he shot Bill Murray.

What was his password?

[kmdrtako]

"password" or "123456"?

Re:What was his password?

[lahs0n]

No username.

Password "admin".

Re:What was his password?

"password" or "XXXXXX"?

OT: Interesting security related thing about the new slashdot redesign, if you put your /. password into the comment, it will automatically be replaced with XXXXXX to protect your privacy...

Re:What was his password?

[tverbeek]

Let me try: My password is i<3Taco. :)

Re:What was his password?

[One+Monkey]

but my password is XXXXXX... so I'd better make sure not to type XXXXXX into this comment or else everyone will be able to see that it's XXXXXX.

Re:What was his password?

[BlackHwk98]

I'm gonna roll with his password was P^s5W0rd

Re:What was his password?

[fishexe]

"password" or "123456"?

That's the combination on my luggage!

It will teach him...

[FranckMartin]

..not to let his computer unlocked at the office when he goes to have a piss!

His Fan Page, Not His Account

[eldavojohn]

An unknown hacker broke into the 26-year-old internet celebrity's Facebook account

I don't think that's an accurate account of what happened. It was his Fan Page, not his personal page. That may or may not have been updated by him -- most likely it was some staff or fan of Zuckerberg.

Re:His Fan Page, Not His Account

[jgtg32a]

Why let a little thing like facts get in the way of a good headline

Re:His Fan Page, Not His Account

[HuckleCom]

He prolly doesn't post his own stuff to his -own- account either

Re:His Fan Page, Not His Account

[anti-pop-frustration]

Mark Zuckerberg has "fans"?

I guess sycophancy and worshiping the rich never goes out of style.

Re:His Fan Page, Not His Account

He "probably" doesn't spell it prolly.

Re:His Fan Page, Not His Account

Mark Zuckerberg has "fans"?

He owns ArseBook - he can create as many fans as he likes.

if you click "like" on this

[nopainogain]

does he create a list and delete your account?

Re:if you click "like" on this

[jimmerz28]

One of my friends quoted the headline on his wall and it was removed by Facebook. So that's probably not far off...

Re:if you click "like" on this

[nopainogain]

i fought the trend.. i didnt have a fb account until 2007. it eventually roped me in. Now I'm suceptible to the whims of that wealthy bahstahd. he hasnt bought out slashdot yet has he? (since im calling him a bahstahd)

Re:if you click "like" on this

[jimmerz28]

It's a good way to stay in touch with old WoW friends who don't play anymore.

Just like World Of Warcraft; everything in moderation.

*yawn*

*yawn* *yawn* *yawn*

New job opening

[Kildjean]

Will be available soon because someone will get fired today... I can tell you that...

Re:New job opening

[corbettw]

Yes, that's the proper course of action to take when something goes wrong: immediately affix blame and fire the person who made a mistake. Let's not take the time to learn from our mistakes and ensure we don't repeat them, just get rid of anyone who is at all imperfect.

This is why you are (probably) not in management and never will be. If you are in management, this is why your employees hate you.

Re:New job opening

[Abstrackt]

Yes, that's the proper course of action to take when something goes wrong: immediately affix blame and fire the person who made a mistake. Let's not take the time to learn from our mistakes and ensure we don't repeat them, just get rid of anyone who is at all imperfect.

This is why you are (probably) not in management and never will be. If you are in management, this is why your employees hate you.

Meanwhile, here in reality... How likely you are to get fired is directly proportional to how public your mistake is or was.

For example, if you make a public mistake on a website everyone's heard of odds are your head will be on the chopping block because investors need to see problems are dealt with swiftly and efficiently. If you just spill coffee on your company-issued laptop you're probably just going to get reprimanded and not allowed to have another one but you keep your job because you only made yourself look bad.

Re:New job opening

[Worthless_Comments]

That was the joke. You know, that it isn't the proper course of action.

But hey, wrongly assume you know what someone is talking about then start talking down to them and tell them they'll never be a success? Yep! Can definitely tell you're in management. Keep up the good work, somebody has to prove the stereotypes!

Re:New job opening

You're making a lot of assumptions. Maybe he's just pointing out the way most companies would handle the situation, that doesn't mean he would handle it the same way. I know at every company I have worked there would be a new job opening up, had this happened there.

Re:New job opening

[tverbeek]

I haven't seen any evidence that having a fire-someone-immediately mentality keeps anyone out of management. Except of course the people who are on the receiving end of it. I've seen it (including up close and personal) more times than I want to think about.

Re:New job opening

[locallyunscene]

I don't think they can fire Mark Zuckerberg.

Re:New job opening

[TheSeventh]

Depends on the company. At a company I was doing contract work for, one of their engineers made a dumb mistake, by not paying enough attention to detail, (only a modest amount was needed anyway), and it ended up costing the company $500K. He wasn't fired, but his department and others had to come up with ways to keep it from happening again.

Knowing that the chances of you getting fired are pretty low for making even a stupid mistake helps people to acknowledge and own up to the mistakes faster and with less fear. Then the problems can be dealt with and fixed on a timely basis.

Thinking you might be fired if people find out about your mistake leads to people trying to hide it, cover it up, blame it on someone else, or do whatever they can to keep people from finding out that they did it. This makes it much more difficult to identify, track down, and come up with solutions for the problem.

Which would you rather have your employees doing?

Re:New job opening

[denshao2]

And the hacker will be hired.

Re:New job opening

[Kildjean]

You must be new in Slashdot. Being sarcastic is part of the culture here.
You are right somewhat, I don't manage people, I manage servers... Thousands of them.
People whine bitch and moan... Computers don't, most of them anyways...

Re:New job opening

Yes, tell that to Steve Jobs.

Re:New job opening

[sjames]

Don't mistake observation for advocacy. You are perfectly correct that firing someone usually isn't a decent or useful response to this sort of thing. He is perfectly correct that all too often management scapegoats someone so they can sweep the problem under the rug or at least deflect attention from their own shortcomings (that actually lead to the problem) because they know that THEIR manager will take the same approach.

It's truly pervasive. Honestly, our entire society could be summed up by 2 phrases: "Who's responsable" and "Someone's going to pay for this". The idea that sometimes shit happens is alien to our legal system.

Re:New job opening

The message is signed with "#hackercup2011"

Re:New job opening

[lennier]

People whine bitch and moan... Computers don't, most of them anyways...

I take it you've never tried to compile a Linux system from source and looked at the gcc warning logs?

Re:New job opening

[TapeCutter]

"it ended up costing the company $500K. He wasn't fired, but his department and others had to come up with ways to keep it from happening again."

Yes, it's kinda silly to fire someone when you just spent $500K training them.

Re:New job opening

Woosh.

Re:New job opening

Judging this exchange i can make the following assessment:
1. he is probably not in management because he obviously skipped several steps. Does anybody know? Can you blame somebody else? Certainly any manager knows these prerequisites before firing someone.
2. you probably are in management and always will be, your employees hate you anyway. Mostly because you can't grasp the nuances of a conversation.

Nelson says...

HA HA!

would your holiness care to change his password?

[Hydian]

Maybe god wasn't a good choice of passwords for the superuser account? He should have read the memo.

excellent. Now do /.

[roman_mir]

The next thing that needs to be hacked and improved is /.

I can't even imagine what can be done to the site at this point to make it any more ugly and less user friendly.

You can't invent anything better than BBS for this type of a system anyway.

Re:excellent. Now do /.

Removing about 25 or 50% of the left padding for the comments boxes would be a good start.

Roy Castillo

A few hours ago, many people were tweeting of a Facebook status update from someone called Roy Castillo appearing on their Facebook Wall. Could this be related?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Serves him right.

Suffer you brat!

Gold

Aww man this is just too good.

Haha

I hate to be mean, but I hate Facebook even more. What an ass Zuckerberg is and so are the doofs that use facebook. Say goodbye to your privacy you plebian uneducated dolts.

Re:Haha

I feel a little bad for agreeing with you, but, yes, in fact, I do feel like I'm a better person than people who use Facebook.

Re:MOD PARENTS UP!

[mehemiah]

its open source, Patches accepted.

Re:MOD PARENTS UP!

[Magada]

Accepted where? By whom? Should I mail them to support@slashdot.org?

who cares ..

the guys a schmuck anyway !

Re:MOD PARENTS UP!

[HarrySquatter]

Or they could just get off their lazy asses and actually fix bugs rather than just throwing more and more Web 2.0 junk on the site. Major, and hugely obvious, bugs like that should have never been pushed into production.

Just geos to show..

[Stenchwarrior]

..no matter how much security you try to put around something, someone else can always get around it. That's the nature of the game and I hope it never changes.

Please god where is the like buton for this....

[Lumpy]

Kudos to the person that "hacked" it. what a better way to highlight the security problems with facebook than to target the head cheese.

Re:Please god where is the like buton for this....

He isn't the head cheese. Your confusing him with his billionaire overlords. Remember, he is on the hook until an IPO is complete and he can cash out.

Weird. That's just a few days after

the Facebook page of french president Nicolas Sarkozy was hacked twice in a row. (see http://translate.google.fr/translate?js=n&prev=_t&hl=fr&ie=UTF-8&layout=2&eotf=1&sl=auto&tl=en&u=http%3A%2F%2Fwww.liberation.fr%2Fpolitiques%2F01012316015-la-page-facebook-de-sarkozy-a-nouveau-piratee&act=url)

Is there a little-known vulnerability being exploited again and again, or what?

"Causes"

[Fibe-Piper]

I get spammed by those "Causes" people all the time!

Easy for them to adopt a social cause

[h00manist]

All they need to do is create "citizen council groups" organized by zip code or something, put everyone inside one, set some default topics such as health and education or public representative responsiveness, and they're done.

password complexity - entrophy calculation, etc...

This is also what I think of entropy of most "security question" methods used to reset passwords. This video sums it up succinctly:

http://www.youtube.com/watch?v=_JNGI1dI-e8

Zuckerberg is human...

[kevinkite]

On topic: He can be phished or bypassed just like 99% of the networked populations... Off topic/with parent: I can't see any stories on the front page. I got here from my igoogle gadget because that's the only place I can read the headlines. IE8 (at the office so no way of changing) if that helps.

Re:Zuckerberg is human...

[similar_name]

Not that you should have to, but if you can write anywhere (Documents, Desktop, etc.) you can install FF at least in XP..

I love consultants

[snookiex]

From TFA:

Facebook users - famous or not - need to take better care of their social networking security," said Graham Cluley, senior technology consultant at Sophos.

Scott Adams has depicted them in so many ways...

wtf

[MickyTheIdiot]

How are we sure Slashdot hasn't been hacked.

Go ahead and mod this down, karma be damned... this is disconcerting.

One known vulnerability

[OverkillTASF]

One of my associates manages the Facebook page of a local baseball team. A while back, they started getting iPhone spam posted to their team's Facebook page. No one could tell why. He was changing passwords, taking away peoples' access, running offline virus scans on their hard drives... Losing his mind with it. Each time one of these messages got posted, they'd lose 1,000 fans due to the spam. That's a big deal for companies that use Facebook. Turns out, the issue was due to the "mobile updates" feature. According to him, there's a random email address that you send updates to, and that gets posted to your page. This is not something you can disable, you can only request that the address be changed. The result is that you can basically spam a whole ton of random email addresses in this format and get your message posted to a load of random Facebook pages. Facebook has not been helpful in stopping this or disabling this feature for their account. Since then, I have seen this happen to my girlfriend's Facebook page as well as her friends', etc. This vulnerability is a wide spread problem. It may not be what happened in TFA (I did not read it), but it's out there. And it's insane.

Re:One known vulnerability

Someone needs to tell facebook that obscurity != security

Re:One known vulnerability

"One of my associates manages the Facebook page of a local baseball team. A while back, they started getting iPhone spam posted to their team's Facebook page...."

and there was this one time, in band camp, that......

Re:One known vulnerability

How much is your associate paying Facebook for the privilege of advertising on Facebook with a Fan Page? And what is the SLA provided by Facebook for such payment?

I am guessing the answers to both questions is "zero".

Re:One known vulnerability

[OverkillTASF]

This is incredibly well thought out. I forgot that since this was a free service, you're not permitted to have any concerns about the integrity of information stored on it. Man I'm an ass. Would love to hear how your tune changes when someone starts sending penis enlargement emails to your grandmother directly from your GMail account.

Re:MOD PARENTS UP!

[Culture20]

No patches required. Just revert. All parent posters are correct. This looks worse. This performs worse. This should have been detected in testing.

Re:would your holiness care to change his password

[Spectre]

Maybe god wasn't a good choice of passwords for the superuser account? He should have read the memo.

S'okay, the new password will be selected from the following list:
love
sex
secret
(since, "god" has already been used it has been locked out).

Hacker Cup

It's probably part of the Hacker Cup competition there holding.

Well I guess...

that's why you don't use passwords like "IAMGOD" Mr. Zuckerberg

Good. Karma?

[mujadaddy]

~nt~

Firesheep'D

[Godskitchen]

^^

Hackercup 2011

[Stregano]

Why would Facebook host something called Hackercup 2011 and NOT expect something like this to happen during it? It would be like me going to Def Con with a Windows XP machine, use they open wireless network, and get pissed and think it is weird that my computer got hacked. Seriously. Also, I checked the "Hackercup 2011" stuff they are doing, and it should be called just another programming competition. You put the word hacker in there, and something is getting hacked, for real. Maybe ol' zucky-poo should have thought that one out better. They should let the unknown hacker win the Hacker cup since he did a hack cool enough to not just make headlines, but some people that posted the headline to their status got it removed by FB. I would say that the person won regardless of what the even was (the hacker clearly marked at the end that this had to do with the Hackercup)

Re:Hackercup 2011

[a+Flatbed+Darkly]

I take it that they're referring to "hacker" as in Y Combinator's "Hacker News", as in "programmer in general", rather than the more classic meanings of "one who accesses systems without authorisation by means of exploiting vulnerable code, etc" or "skilled programmer with tendencies to the questionably legal".

Re:Hackercup 2011

In all fairness (FB is anything but), the term 'hackathon' is a carry-over from the hacker culture. Modern day hackers are what once would have been called crackers and hacking was innocent enough.

Re:Hackercup 2011

[neminem]

I feel your definition of "classic" is a bit skewed. The "classic" definition of "hacker" *is* the MIT definition, "one who enjoys fiddling around with technology for its own sake, and coming up with interesting solutions". The "guy who breaks into computers without authorization" definition is the recent one. Granted, there was certainly precedent for the semantic shift - the original MIT "hackers" were known for their pranks of sometimes questionable legality, with regards to such things as trespassing, lockpicking, etc... still, not quite the same concept.

Re:Hackercup 2011

So you're upset that they're using "Hacker" correctly, instead of intending it to have its FUD meaning?

Re:Hackercup 2011

[a+Flatbed+Darkly]

True; by "classic" I meant "more classic than this new definition, which I hadn't seen before Y Combinator took it up", but otherwise you're correct,

Re:MOD PARENTS UP!

[RobertM1968]

Even the threshold slider is broken. The editing AND programming done by this site appears to be done by those with no more than a two-year community college degree. How STUPID can you people be to release something that is broken for most of the users? How is this supposed to be better? Please, enlighten me. Is it better because it looks new? Because you decided to surprise everyone? Come on. Enlighten me. --TSP

That's funny, the slider works fine for me. AND the site is a LOT faster than the previous nightmare (and more streamlined).

Ultimate Facebook security...

I have the ultimate FB security - no account. Tastes great, less filling.

Security hole ?

It's just like in France, Nicolas Sarkozy's page (lol) was hacked 2 times in 2 days.

"Hacked"?

[a+Flatbed+Darkly]

It's clear that none of Facebook's code was compromised, otherwise other high-profile pages would be being defaced. What's more likely here is that, through some human flaw of easy security questions or simple passwords (I can't see the Zuck or his immediate staff using unsecured wifi), the account was compromised. Ergo, not a hack. That pedantry aside, I'm very much pleased to see Facebook knocked down a peg or two, especially in the area of security.

Sarkozy's page was hacked too...

I wonder if there's a link? The French president's facebook account was hacked twice over the last two days (see Le Monde for details).

Re:MOD PARENTS UP!

[Tubal-Cain]

The anouncement says you email Garrett Woodworth at feedback@slashdot.org

Re:MOD PARENTS UP!

[Magada]

With patches? Are you serious?

Re:MOD PARENTS UP!

[Tubal-Cain]

Well, bug reports. Assuming they do accept patches, that'd be a logical place to send 'em.

must be a CEO thing

I guess something happens when you become a CEO---no matter how tech savy you are.

Re:would your holiness care to change his password

Yes, all the cool kids use dog as password, 'cause it's more clever, right?

ok, with it

[hesaigo999ca]

Its all good, as long as the message was positive, and made sense in the long run, should be ok, although it should also go to show that too easy to hack a facebook account and hack their info...I wonder if the perp, knows Zuck's private schedule now....unless Zuck himself knows not post all his coming and goings on facebook.

Password used

The password they used was Chuck Norris

Facebook is a joke

You have to be dumb as rocks to post your real info on Facebook, it's a pile of garbage.

Re:MOD PARENTS UP!

In other news, you're free to grab a shovel and fill in some potholes if you think the road is too bumpy.

Re:would your holiness care to change his password

God wouldn't be up this late!

I can hear Nelson Muntz now

[sxedog]

Ha Ha. How appropriate

His password was

[Yadyn]

iloveericaalbright

You don't get to 200 million dollars without exposing a few clues.

adopt a cause?

SO people actually think it was good or smart of old zucky to give millions to the most corrupt public school system in the country. They neglect the kids for the low low cost of only 17 thousand dollars per student per year. He could have opened free private schools and actually helped some kids. (How much do private schools charge per kid?)

  He should take on all kinds of causes because people so clueless should be parted with their money as quickly as possible before they do real damage

He's not a celebrity

He's just a very naughty boy.

Re:MOD PARENTS UP!

[Magada]

There's no indication that they accept bug reports, even. I sent three reports so far, didn't get as much as an auto-response. Also, you'd kinda expect them to set up a bug tracker if they really cared - given that most of their audience cares and knows enough to actually use it if it's there.

Re:MOD PARENTS UP!

[Tubal-Cain]

There's no indication that they accept bug reports, even.

The announcement I linked to said "Please direct your bug reports and feedback (good and bad!) to Garrett Woodworth who is currently in charge of such things.". I think it's a pretty good indication, but that's just me.

I haven't received a response, either, although on of the issues I reported has been partially fixed.