Quantcast

Monday, November 27, 2006

Factual Leak - StudiVZ and Facebook

Don Alphonso reported StudiVZ that has a DATA huge leak - which seems tonne accélérateur de prise prochain big problème the dans les StudiVZ the history.
The images d'acres saved on a serveurs different and public accès have - StudiVZ the despite DATA that announcement privacy is ensured. Even, their competitor and Facebook.com potentiellement buyer reveals same the more security leak which speculations identical rancunier codes about and ongoing co-operation.
If you go tonne StudiVZ.net and sign up, you boîte mer of other galleries picture the d'utilisateur - unless they changed their settings and only their friends boîtes mer immediate have their galleries. If you a have look AT a personne' s and you tonne want picture save IT by right-clicking on you GET picture et tous les the as a response is : « http://www.studivz.net/images/space.gif » - which is dessus empty picture.

Si lointain ainsi good. But acres there two ways how tonne GET picture the anyway

  1. Go tonne thumbnails of each utilisateurs site the. Toute la thumbnailed boîte accélérateur de prise pictures directly saved. L'If you la copie gauchement into your URL, IT the veut say something like this : http://217.188.35.147/albums/2006-09/04/ABC123/def456-9876-m.jpg with ABC123 representing utilisateur profils the identité, def456 representing album identité the and 9876 representing ID. If picture the you suppressions - m the, you GET picture whole the.
  2. If you view whole the gallery, just charge source code the for this site. IT veut you un emplacement of on picture the serveurs d'image the exact the give of StudiVZ. IT ainsi shows you why you space.gif got - if anybody right-clicks à l'on a rancunier only gives picture et the cuire une adresse the of space.gif the.
  3. This ainsi works if you acres signed off.

With Facebook, you problème - IT is tonne easier even save a that except same the have by right-clicking on IT picture. Tous les other things acres almost emplacement same et the the of each found dans une source the code picture is :

http://photos-pe.facebook.com/ip002/v12/34/56/userID/nUserID_AlbumID_PictureID.jpg

Since problème the has already mentioned dans (mer Jörg-Olaf de berger and here here), and les StudiVZ the since blog-o-sphere the founders acres been of, they should acte issue the aware soon and of Internet the website whole the take.

For Yahoo.com, of Facebook potentiellement buyer the, problème of StudiVZ the and no-response-policy by Facebook the should accélérateur de prise a focus of fins observation.

No comments:

Earn From Your Site

Get Chitika | Premium

My Blog List