funsec mailing list archives
'Misdirected Cookie' Lands Family on Strangers' Facebook Accounts
From: Paul Ferguson <fergdawgster () gmail com>
Date: Fri, 15 Jan 2010 16:56:07 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via MSNBC.com (AP). [snip] A Georgia mother and her two daughters logged onto Facebook from mobile phones last weekend and wound up in a startling place: strangers' accounts with full access to troves of private information. The glitch — the result of a routing problem at the family's wireless carrier, AT&T — revealed a little known security flaw with far reaching implications for everyone on the Internet, not just Facebook users. In each case, the Internet lost track of who was who, putting the women into the wrong accounts. It doesn't appear the users could have done anything to stop it. The problem adds a dimension to researchers' warnings that there are many ways online information — from mundane data to dark secrets — can go awry. [snip] More: http://www.msnbc.msn.com/id/34885006/ns/technology_and_science-security/ - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLUQ6eq1pz9mNUZTMRAodzAJ9ULA9xr2q8jKicH9c18eReK2jaawCgzakx 5wjh+Pr9jym7qLjWr3t912A= =7k8l -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 'Misdirected Cookie' Lands Family on Strangers' Facebook Accounts Paul Ferguson (Jan 15)