Gregory writes in to point out that Facebook does a lousy job of monitoring the development of its third-party Platform applications—and in fact many of them are written so badly that they can be easily hacked. The examples he cites, which are listed in the winter issue of the hacker magazine 2600, are all fairly mild stunts like spoofing user IDs, changing the moods of another user, and re-routing gifts, “but this information could be used to mount large scale social engineering attacks if automated and coupled with other information.” To illustrate how easy it is to change another user’s settings, he pointed us to a YouTube example of how to change another users “mood” via the Mood app.
Photographs taken of Liam Johns’ crib by the Sacramento County Coroner’s Office clearly show where it came apart.
About 1 million Simplicity cribs were recalled yesterday due to several deaths related to a defect which can cause children to become trapped and suffocate.
The New York Times is reporting that Microsoft Vista has security flaws. Yes, already. In addition to a flaw that lets users increase their own privileges and override all the new fancy Vista security, there’s a “troubling” flaw in IE7. “The browser flaw is particularly troubling because it potentially means that Web users could become infected with malicious software simply by visiting a booby-trapped site.”