Ramblings & ephemera

Friendster doesn’t get security

From Annalee Newitz’s Cracking the Code to Romance (Wired: June 2004):

Moore’s buddy Matt Chisholm chimes in to tell me about a similar hack, a JavaScript app he wrote with Moore that works on Friendster. It mines for information about anyone who looks at his profile and clicks through to his Web site. “I get their user ID, email address, age, plus their full name. Neither their full name nor their email is ever supposed to be revealed,” he says.

Notified of the security holes Moore and Chisholm exploit, Friendster rep Lisa Kopp insists, “We have a policy that we are not being hacked.”

Comments are closed.