Monday, February 05, 2007

More facebook hacking

Discovered another little hole in Facebook which lets you view anyone's notes - even those who are not on your friends list or those you don't even know. You can read about the hack (in detail) on this page.

I have packaged it as a bookmarklet so using it is drag-and-drop simple. This is mostly not because of any security hole in Facebook, but a simple default setting which most people never bother to change. For anyone worried about this, all you have to do to prevent your notes from being viewed is to use the My Privacy page sensibly, instead of leaving it to defaults.