"Facebook source code has been leaked on the Web, and that's raising
some serious issues about the site's security and data privacy.
Source code from the social networking site's main index page
appeared on a blog called Facebook Secrets recently and remained there
Tuesday. The blog does not contain any other postings.
"A small fraction of the code that displays Facebook Web pages
was exposed to a small number of users due to a single misconfigured
Web server that was fixed immediately," a Facebook spokesperson said
Tuesday. "It was not a security breach and did not compromise user data
in any way."
Still, developer Nik Cubrilovic wrote in a TechCrunch blog
posting that the leaked code could reveal vulnerabilities in Facebook's
applications that could be exploited.
"From just this single page of source code, a lot can be said
and extrapolated about the rest of the Facebook application and
platform," he said. "At a quick glance, I know that I can see some
obvious things in the code that both reveal certain hidden aspects of
the platform and give a potential attacker a good head start."
Article Link: http://www.informationweek.com/news/showArticle.jhtml?articleID=201800144
