« USA Today fun with XSS | Main | Blog Security »

Facebook source code leaked

"Facebook source code has been leaked on the Web, and that's raising some serious issues about the site's security and data privacy.

Source code from the social networking site's main index page appeared on a blog called Facebook Secrets recently and remained there Tuesday. The blog does not contain any other postings.

"A small fraction of the code that displays Facebook Web pages was exposed to a small number of users due to a single misconfigured Web server that was fixed immediately," a Facebook spokesperson said Tuesday. "It was not a security breach and did not compromise user data in any way."

Still, developer Nik Cubrilovic wrote in a TechCrunch blog posting that the leaked code could reveal vulnerabilities in Facebook's applications that could be exploited.

"From just this single page of source code, a lot can be said and extrapolated about the rest of the Facebook application and platform," he said. "At a quick glance, I know that I can see some obvious things in the code that both reveal certain hidden aspects of the platform and give a potential attacker a good head start."

Article Link: http://www.informationweek.com/news/showArticle.jhtml?articleID=201800144


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!