Ah another flaw in Myspace, this time it’s quite dangerous exposing the details of teenagers.
A security hole in the popular MySpace social networking site allowed users to view entries marked “private”, a crucial protection for users aged under 16, according to weekend reports.
Though the site is said to have fixed the problem, it was said by news reports to have been active for months. Nobody at MySpace was immediately available for comment.
The explosion of social networking sites has caused significant worry for parents and politicians over how to protect children from sexual advances over websites. The amount of information that young people reveal about themselves coupled with the opportunities for deception by sexual predators has led to concerns that the sites can be dangerous.
Normal for Myspace, things don’t get fixed for a LONG time.
“In the UK, the vulnerabilities alleged could amount to a breach of the Data Protection Act,” said Struan Robertson, editor of OUT-LAW.COM and a technology lawyer with Pinsent Masons.
The Data Protection Act says “appropriate technical and organisational measures” must be taken to prevent unauthorised access to personal data held by organisations.
“For any site, the technical measures that are appropriate will vary depending on the type of data held and the harm that might result from a security breach,” Robertson said. “There is best practice guidance in the UK for sites used by children and, if the allegations are true, it may be that MySpace fell short of the standard expected.”
This basically means anyone in the UK who got ‘hacked’ in this way is legally able to sue!
Source: The Register
- Dradis v2.9 – Information Sharing For Security Assessments
- MagicTree v1.3 Available For Download – Pentesting Productivity
- Kvasir – Penetration Testing Data Management Tool
- Another 0-day MySpace XSS Exploit
- MySpace Hackers in Police Custody
- MySpace Paedo Caught by PERL Script
Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,134,616 views
- Hack Tools/Exploits - 577,996 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 412,373 views