Thoughts on user/customer support of websites offering free services

During the last years I most probably used the same websites as you: GMail, Facebook, Zynga Games (games being offered through MySpace and Facebook for example) and many more. They all have one thing in common: They are offering free services. And all of them are companies. And all of them have an interest in […]

Facebook fixed some XSS vulnerabilities

Finally: Facebook fixed several XSS vulnerabilities. It was possible to redirect users (who type a specific search string into the search box) to external websites, steal their cookies etc. I wrote about it here. Sadly they ignored many vulnerabilities for a long time and didn’t even bother to reply to mails and security reports.

Some updates

During the last days lots of stuff was going on. Facebook was hacked but nobody seems to take this seriously, at least that is my impression here in Germany. Although the media are aware of the issue, they completely ignore it. Not even the data privacy websites picked that topic up. This leaves the impression […]

Security group claims to have compromised

The security group Inj3ct0r claims to have hacked The published document (date: 6th April 2010) shows step by step how they proceeded and how easy it was to exploit a SQL injection vulnerability within the app tvshowchat and other files. It was possible to receive the entire database structure, tables, columns, contents, the database […]