Facebook Exploits

[White_Eskimo]

sorry to let you down in that case d34dl0k1

You are a tough customer not to find this stuff juicy! Most of the time, it is the simple stuff that gets overlooked. I appreciate this isn’t an intricate hack, but it doesn’t have to be as long as it works. Take into account that there are tons of RPC based web services ARE secure even though they rely on sessions for authentication and do not transmit data via HTTPS. This is not an exploit that it allows individuals to gain root access to a Facebook server. Instead, this is an issue with Facebook’s architecture and the data they choose to transmit. By taking advantage of their system, users can easily gain full access to each other’s accounts. I completely see your point that this is a network exploit, but it is only exploitable because Facebook allows it to be. Because they put all of the information in a single area, it is easy to take advantage of. If they were to spread the load out, meaning store some information on their servers, and other information in a client’s cookie, they could create a much more secure service. You can have the attitude that because it is a network exploit, Facebook is not responsible. I however believe that developers should attempt to secure their service as much as possible. Facebook can implement several techniques to prevent users from attacking each other.

This exploit is not solely related to sniffing attacks at all. In fact, in my paper i describe how a user can obtain the same kind of data using an XMLHttpRequest in a signed script. Also, the Mozilla browser suffered from a bug that allows scripts to violate the same site origin policy not long ago. I just pointed out that all a malicious hacker has to do is steal cookies to gain access to a users account. There are tons of ways to do this. Facebook expects a secure network connection, and a secure browser. If web developers rely on browser developers and IT engineers, and if browser developers and IT engineers rely on web developers, then the service will never be secure. I believe that Facebook needs to step up to the plate and do everything in their means to create a safer application.

Facebook would use your argument in its defense. The fact that it is a network issue is not good enough however, since they do have the ability to protect against it. Vulnerable exploits are vulnerable exploits. It doesn’t matter how the attacker gets in, what matters is that the attacker got in. I appreciate your funny examples of physical attacks, but most companies take this sort of stuff very seriously. There is a reason why lots of collocations are locked down and have cameras all over.