homenewsreviewscompare pricestalk
NEW TODAY:
NEWS Latest Apple iPod nano spy shot revealed   NEWS Nokia N96 gets BBC iPlayer                                                                            

Facebook's source code revealed and leaked online

"It was not a security breach"

NEWS: 13 August 2007 11:23 GMT by Amy-Mae Elliott

Troubled social networking site Facebook, has another problem to add to the list this morning.

Facebook has had to content with a recent court case in the States in which the site's founder Mark Zuckerburg, is accused of stealing the idea, code and concept behind Facebook.

Also problematic for the site was the recent rash of UK companies pulling their advertising from the website when their ads appeared against undesirable content.

The latest headache for the Facebook team is that some of the site's source code has been leaked on to the internet.

The leak, thought to be a server misconfiguration rather than a hack, has meant that Facebook, a closed source application, could now be open to future vulnerabilities.

The source code, for the main page of the site, was quickly published to "Facebook Secrets", a blog that seems to have been set up purely to distribute the code, which is still live now.

An official response from Facebook, on the site that broke the news, stated:

"A small fraction of the code that displays Facebook web pages was exposed to a small number of users due to a single misconfigured web server that was fixed immediately."

"It was not a security breach and did not compromise user data in any way. Because the code that was released only powers the Facebook user interface, it offers no useful insight into the inner workings of Facebook."

"The reprinting of this code violates several laws and we ask that people not distribute it further."

Although this has not resulted in a security breach, analysis of the code will help hackers find security flaws, which may mean future security issues for the site.

On the subject of site security, at the recent Defcon hackers conference, the security of social networking sites was on the agenda.

Rick Deacon, an American network administrator who discovered a major MySpace flaw stated to AP:

"Facebook and MySpace both patch things that they find, but it's like a sandbox", Deacon said.

"There's so much. And there are probably hundreds more cross-site scripting vulnerabilities there. There's no way they can find them all."

>> Via - Techcrunch


disable ad
Have Your Say
(Email address will not be published)

Facebook
Zoom/See more images

Tags


Latest in Software

NEWS VIDEO: Tech week in view 05/09/08
NEWS Weekly news roundup - 05/09/08
NEWS Daily news roundup - 05/09/08
NEWS Comment: Microsoft's Gates/Seinfeld ad bombs
NEWS VIDEO: Seinfeld and Gates star in Microsoft's new campaign

Latest on Pocket-lint.co.uk

NEWS Latest Apple iPod nano spy shot revealed
NEWS Nokia N96 gets BBC iPlayer
NEWS VIDEO: Tech week in view 05/09/08
NEWS Weekly news roundup - 05/09/08
NEWS Daily news roundup - 05/09/08




Top Stories

WEBSITE OF THE DAY - bbc.co.uk/music/beta

NEWS
WOTD - bbc.co.uk/music/beta

The Beeb lifts the lid on its musical tastes

Comment: Microsoft

NEWS
Comment: Microsoft Ad Bombs

New campaign gets panned by public and industry alike

iTunes 8 with added "Genius"?

NEWS
iTunes 8 With Added "Genius"?

More predictions from Kevin Rose's crystal ball



Came straight to this page? Visit Pocket-lint.co.uk for all the latest news and reviews.

disable ad

Broadband?

Compare 50+ deals available to you

Powered by Top 10 Broadband

Pocket-lint.co.uk poll

Q. Would you pay a premium for a stylish laptop?

Vote YES?
Vote NO?

LAST TIME
When asked Are you addicted to the internet? 60% said yes and 40% said no



disable ad
 

Also available on

news now logo google news logo news yahoo logo

All external sites will open in a new browser. Pocket-lint.co.uk does not endorse external sites. Copyright 2003 - 2008 Pocket-Lint Ltd.

Pocket-lint sites: www.pocket-lint.co.uk | www.photographypress.co.uk | www.gamesdog.co.uk | www.megawhat.tv
disable ad