A security researcher has vowed to reveal technical details of a series of cross-site scripting vulnerabilities involving Facebook applications during September. theharmonyguy plans to give developers 24 hours' advance notice about flaws involving their web applications before exposing them publicly. The project takes its cue …
Well done to Zynga and Facebook for patching their apps so quickly. Makes a change from the Microsoft attitude of "ok, thanks for telling us" followed by deathly silence for a few months until a patch appears.
Flaw No 1
No, the biggest flaw is to allow waste-of-bandwidth-and-bytes like Twitter, MySpace, Facebook etc to even exist on the web. The "brains" behind these sites should be taken out and shot.
@ AC well you obviously don't get sites like Twitter, MySpace and Facebook.. Twitter is very limited and I personally don't get "why" it exists. MySpace / Facebook well they are a great way of letting your mates know what you're up to and help you plan out your weekend. I wonder AC if you have enough mates, me I have friends all over the place. Okay so I can't nip down the pub for a pint with most of them but that's not the point... Keep up the good work, carry on.
No, the difference is with my mates, I'll call them or text them or email them. I don't need to put my activities on a website I don't control for other morons to read. Plus I have better things to do than hang out at the pub or sit in front of a computer telling people I'm in front of a computer, like some kind of sad bastard. I'd rather spend time with my kids. If someone wants to know what I'm doing, they can use the bloody phone and call me.
I'm really, really glad for you that you have friends everywhere. Shows what a popular guy you are.
The only social networking site that's worth anything is LinkedIn, and that has a genuine purpose as far as I'm concerned, it's not all about pointless "look wot I did 2day" crap.
saucer of milk for A/c please....
Seriously man.. you need to take a chill pill... different strokes and all that ;-)
Please don't feed the troll. Thank you.
Gordon telling me that I "obviously don't get something" when he doesn't know anything about me isn't exactly going to make my response to him more friendly. My point is there's much better things to spend time on, and do with the internet, than all this web2.0 social networking rubbish.
Anyway, have a beer, have a smile.
"I'll call them or text them or email them. [...] I don't need to put my activities on a website I don't control for other morons to read."
So who controls your email? How about your mobile phone? Sure, it's not a website but I'm sure it'd be just as easy for someone to find a way into your emails or your SMS messages. Maybe a bit of phone-tapping here and there wouldn't go amiss too.
"The only social networking site that's worth anything is LinkedIn, and that has a genuine purpose as far as I'm concerned, it's not all about pointless "look wot I did 2day" crap."
Much as I may agree with this statement, unfortunately it seems we're in the minority on this one. The punters clearly love being able to tell everyone about the virtual farm they run.
picked my nose and ate it, and thought that I should tell the world + dog.
#retweet: Pete 8: picked my nose and ate it, and thought that I should tell the world + dog.
"Every day a different hole"
I think it's obvious why Paris is here...
24 hours notice is a bit mean. I wouldn't like to be working at Facebook this month.
I wish they'd fix the non-security bugs in facebook.
Like when I choose "all friends" in the menu I don't get a list of all my friends.
And some other equally obvious bugs that I can't be arsed to remember.