A SENIOR SECURITY ENGINEER at the social notworking site Facebook who was responsible for site reliability engineering is probably regretting laying down a challenge to his mates.
According to TechCrunch, the unnamed employee was so proud of his security set up that he challenged his workmates to hack Facebook's administrative system via information obtained from his page.
It took only two weeks, but we assume they were not full time on it.
Apparently the way they did it was via his home WiFi network. They intercepted data from his home network after capturing his WPA password by luring him into logging into a rogue WiFi SSID that appeared to be his own router.
It is not that difficult to do, apparently. Once they got in they sniffed his home network, monitored his Internet activity and obtained clear-text passwords.
These are all well known attack vectors so it is a little sad that the security engineer, who should have known it was coming, didn't work out a way of stopping it. It would have been a lot worse if the challenge had been open to every hacker on the world wide web. µ
It's time for our regular two-step through the Google news
Bug bounty offer: accepted