The Inquirer-Home

Facebook engineer loses security challenge

The dangers of shooting your mouth off
Tue Jul 06 2010, 10:31

A SENIOR SECURITY ENGINEER at the social notworking site Facebook who was responsible for site reliability engineering is probably regretting laying down a challenge to his mates.

According to TechCrunch, the unnamed employee was so proud of his security set up that he challenged his workmates to hack Facebook's administrative system via information obtained from his page.

It took only two weeks, but we assume they were not full time on it.

Apparently the way they did it was via his home WiFi network. They intercepted data from his home network after capturing his WPA password by luring him into logging into a rogue WiFi SSID that appeared to be his own router.

It is not that difficult to do, apparently. Once they got in they sniffed his home network, monitored his Internet activity and obtained clear-text passwords.

These are all well known attack vectors so it is a little sad that the security engineer, who should have known it was coming, didn't work out a way of stopping it. It would have been a lot worse if the challenge had been open to every hacker on the world wide web. µ

 

 

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Masque malware is putting iPad and iPhone user data at risk

Has news of iOS malware made you reconsider getting an iPhone?