Please Share

Sunday, January 20, 2008

Wired Exposes MySpace Flaw

According to a Wired.com blog post, MySpace has had a serious security flaw since at least October that was being exploited openly without reaction from the site until the news went mainstream. The bug allowed "voyeurs, hackers, entrepreneurs and lechers" to view private photo galleries and profiles to be viewed without permission. It was so well known in fact that websites such as MySpacePrivateProfile.com emerged that took advantage of the flaw and made it easy to peer inside the private postings of thousands of MySpace users. In a Threat Level Blog post, Kevin Poulsen writes "Barely 24 hours after my story hit the front door of Wired.com, MySpace has, without comment, closed the backdoor, and the websites that were exploiting it are no longer delivering private photos." The question then becomes did MySpace know about the bug all along? If this flaw was so well known that websites have been exploiting it for months why didn't MySpace fix it? Are the that oblivious to what was going on or where they quietly enjoying the extra page views? This will be interesting to follow.

Search

Google