Facebook Source Code Leaked.

I got this via Mashable!

    facebookhome.PNG

Not intentionally, alas: a story topping Digg from an anonymous one-hit-wonder-blog called FacebookSecrets (an increasingly common tactic for spreading data around) shows that a part of Facebook’s source code was exposed to some users this weekend. The blog reposted all the code, which must surely have ruined Zuckerberg’s weekend. A server misconfiguration, not a hack, is being blamed. Facebook has since confirmed the issue.

Now we just need the ConnectU code to be exposed and we can close that case. ;)

This does, however, raise serious questions about how secure Facebook may be. A code leak is a major, major problem for the site – the only thing that would generate more fear would be a hack that gained access to user data.

And that’s the huge risk: Facebook promotes itself as a place to connect to your “real” self. In fact, they delete any profile that doesn’t represent a real person (I was forced to change my profile name from “Mashable” to my own, for instance), pretty much guaranteeing that 100% of the data stored there is correct. They also prevent people from signing up with names that sound fake. An exposure of user data, therefore, is the identity thief’s dream.

These risks increase as Facebook and other social networks open up: Facebook apps have yet to be abused, but there’s the potential to do so.

My suggestion to Facebook: make a PR move like hiring a “security expert” or releasing a security mandate. Anything to stop non-technical journalists picking up on these issues and blowing them out of proportion, similar to MySpace’s pedophile stories.

2 thoughts on “Facebook Source Code Leaked.

  1. Allan

    I see they only got the home page. I saw the photos.php code and “accidentally” saved it to my desktop. I may be forced to post it to my blog to “ask for help” :)

    Reply
  2. Pingback: Abbadingo » Blog Archive » Facebook Source Code Leaked.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>