The security officer of Facebook, Joe Sullivan, said, Wednesday, January 26, that the social network had fixed a security flaw that was used to divert briefly Page by Mark Zuckerberg, founder and CEO of Facebook. The fault was probably also used to post messages twice on the page of Nicolas Sarkozy on Sunday night and Tuesday morning.
"A vulnerability has allowed third parties to publish updates to some articles on public pages. The flaw has been corrected," said Sullivan, asked about publishing a status page on the enigmatic Mr. Zuckerberg . The flaw was in the API (application programming interface) of Facebook, in which the ability to publish updates was inadequately secured, details Cnet.
Joe Sullivan could not confirm or deny that this same vulnerability was used to publish twice a message on the page of Nicolas Sarkozy, saying he would not run in 2012. These posts were quickly deleted by the Elysee. But the method clearly remember that used to post on the page of Mr. Zuckerberg.
In most cases, the diversion of Facebook accounts are carried by stealing the password of the account. When a third party has access to the password of the account, it can not only post new messages, but also erase the past or change the password to ensure complete control over the page.
The fact that messages have been published twice on the page of Mr Sarkozy, but without the password is changed or other changes take place, suggests that "diversions" were made through the fault of the API.
"A vulnerability has allowed third parties to publish updates to some articles on public pages. The flaw has been corrected," said Sullivan, asked about publishing a status page on the enigmatic Mr. Zuckerberg . The flaw was in the API (application programming interface) of Facebook, in which the ability to publish updates was inadequately secured, details Cnet.
Joe Sullivan could not confirm or deny that this same vulnerability was used to publish twice a message on the page of Nicolas Sarkozy, saying he would not run in 2012. These posts were quickly deleted by the Elysee. But the method clearly remember that used to post on the page of Mr. Zuckerberg.
In most cases, the diversion of Facebook accounts are carried by stealing the password of the account. When a third party has access to the password of the account, it can not only post new messages, but also erase the past or change the password to ensure complete control over the page.
The fact that messages have been published twice on the page of Mr Sarkozy, but without the password is changed or other changes take place, suggests that "diversions" were made through the fault of the API.
- Nicolas Sarkozy hacked on Facebook to say he won't seek re-election (24/01/2011)
- Hackers cause internet storm after breaking into Nicolas Sarkozy's Facebook page and announcing his resignation (24/01/2011)
- Nicolas Sarkozy's Facebook page hacked (24/01/2011)
- Hackers break into Sarkozy's Facebook page and announce his resignation (24/01/2011)
- Quelle Horreur! French President Embarrassed By Facebook Hack (24/01/2011)
Nicolas Sarkozy (homepage)  Nicolas Sarkozy (wikipedia)  Facebook (homepage)  Facebook (blog)  Facebook (crunchbase)  Facebook (wikipedia)  Détournement (wikipedia)  
No comments:
Post a Comment