 |  |  |  |  |  |  |  |
MySpace the target for another "Month of Bugs"
Please support our Growing an Online Community advertiser: Get a Free Web Site Analysis!
According to ComputerWorld, MySpace seems like the next target for the now-famous "month of bugs" project. The hackers are of course, anonymous, which is perhaps part of the fun of doing such a project. They say that they're going to expose a new bug every day for a whole month, just like the other "month of bugs" projects have done (for example: Month of Apple Bugs and Month of Kernel bugs).
As much fun as it seems, I'm skeptical on how successful and how much of an impact this project is going to have on MySpace. One point that I have to make is that the viewers on MySpace probably couldn't care less about security. Sure, no one wants to have their account hacked, but the measures they take to prevent something like that are quite low, if that is any indication of people's views of security on MySpace. And although the hackers seem like they are trying to make people aware of the bugs, I sort of doubt it's going to work, especially since kiddies are unlikely to read such reports anyway.
I'm also critical of the bugs that they are looking for. In the article, they stated that they are searching for "cross site scripting bugs, which can allow an attacker to execute malicious script within a victim's browser" and "bugs that affect browsers or technologies like Flash or QuickTime". Well, there are definitely security holes in MySpace, but how much different are most of these bugs than the ones that people can implement on their own servers? My suspicion is that a huge amount of these bugs are browser-specific, and are simply filler for when the hackers can't find a "good" bug to post on a particular day.
That being said, I'm beginning to get tired of these "Month of xxx bugs". All too often, the hackers seem to be craving attention for themselves, or to bring bad publicity on the products themselves. Is that a bad thing? Well, it would be if they found "good" bugs. I don't think that to be the case here. For example, one of the hackers even talks about "if it ends up being just as lame as the Month of Apple Bugs...". Exactly. I prove my point.
So I'm not saying that we should choose to ignore the bugs that exist in MySpace, but simply that it's not probable to have much success, and will likely do little to improve MySpace's security (or people's awareness of it). What's wrong with a simple bug submission for heaven's sake?
As much fun as it seems, I'm skeptical on how successful and how much of an impact this project is going to have on MySpace. One point that I have to make is that the viewers on MySpace probably couldn't care less about security. Sure, no one wants to have their account hacked, but the measures they take to prevent something like that are quite low, if that is any indication of people's views of security on MySpace. And although the hackers seem like they are trying to make people aware of the bugs, I sort of doubt it's going to work, especially since kiddies are unlikely to read such reports anyway.
I'm also critical of the bugs that they are looking for. In the article, they stated that they are searching for "cross site scripting bugs, which can allow an attacker to execute malicious script within a victim's browser" and "bugs that affect browsers or technologies like Flash or QuickTime". Well, there are definitely security holes in MySpace, but how much different are most of these bugs than the ones that people can implement on their own servers? My suspicion is that a huge amount of these bugs are browser-specific, and are simply filler for when the hackers can't find a "good" bug to post on a particular day.
That being said, I'm beginning to get tired of these "Month of xxx bugs". All too often, the hackers seem to be craving attention for themselves, or to bring bad publicity on the products themselves. Is that a bad thing? Well, it would be if they found "good" bugs. I don't think that to be the case here. For example, one of the hackers even talks about "if it ends up being just as lame as the Month of Apple Bugs...". Exactly. I prove my point.
So I'm not saying that we should choose to ignore the bugs that exist in MySpace, but simply that it's not probable to have much success, and will likely do little to improve MySpace's security (or people's awareness of it). What's wrong with a simple bug submission for heaven's sake?
Similar Threads
- Send mail in C code containing the "From", "To", "Subject", and "Message" parts (C)
- "Save target as" problem (Windows NT / 2000 / XP)
- Backlinks with target="_blank" (Search Engine Optimization)
- new window? target="_blank" ? (JavaScript / DHTML / AJAX)
- "Save Target As.." isn't working in IE6 (Web Browsers)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Growing an Online Community Posts
- Today's Posts
- Unanswered Threads
adoption analytics api apple beta betatesting blogging bluetooth box browsing bugs building business cios code collaboration community count creepy crime daniweb development digby digg e-learning engineering estate events facebook facelift figures google government hacking hacks hardware ibdg interation internet jobs knowledge lawsuits legal leveraging linux mapping marketing media messaging microblogging microsoft month mozilla music myspace nannycams network networking networks news opensource os policy politics port post postrank preview problem rules running safety small snow social socialnetwork socialnetworking socialnetworks spies spotify stories suicide survey tcp termsofservice traffic tweetdeck twitter vb.net videos virtual vistor vulnerabilities warning web webbrowser windows windows7 workplace youtube
