Facebook's "Secret Crush" malicious widget tricks users

Discussion in 'malware problems & news' started by ronjor, Jan 4, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,746
    Location:
    Texas
    Story
     
  2. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    Last year Facebook announced their third-party developer platform. I didn't pay much attention to it. I should have.

    Facebook Launches Facebook Platform; They are the Anti-MySpace
    http://www.techcrunch.com/2007/05/24/facebook-launches-facebook-platform-they-are-the-anti-myspace/
    Platform Application Terms of Use
    http://developers.facebook.com/user_terms.php
    How will someone be able to trust any third-party application (executable) that appears on the site? My one user of Facebook - a teenager - knows not to click-to-install anything that pops up on the screen. But this is different.

    If you tell your users to say "NO" to everything, then they are deprived of part of the site's activities.

    I suppose running the browser in a Sandbox will be one solution...


    ----
    rich
     
Loading...
Thread Status:
Not open for further replies.