The challenge was pretty good and was focussed on Facebook security or insecurity rather. Before I list my answers to the challenge, make sure to check out my blog post on Facebook privacy settings guide. The objective of this hacking challenge was to access a file on someone’s account. The way to access that person’s Facebook profile was to add that person’s friend to my friends list and then misuse the “share with friend of friends” privacy setting on Facebook.
Check out the challenge first before scrolling down and see if you can solve it first.
Google claims that its browser Google Chrome is able to isolate events that may crash a browser, isolated within those individual tabs. However, an issue exists with how Google Chrome handles undefined handlers in chrome.dll version 0.2.149.27 which is the latest version of the browser. A crash can result without any user interaction.
When a user visits a malicious link which has an undefined handler and followed by a special character, the browser crashes. You can also crash the browser by typing the characters :% in the Chrome URL bar. Google Chrome crashes with a message ” Whoa! Google Chrome has crashed. Restart now?”
This is a great presentation by Johnny Long at Defcon. He talks about how easy it is to gain access to secure locations without any “hacking” aka physical security.http://video.google.com/videoplay?docid=2846156252478942794
Discovery Channel played a very interesting documentary titled “The History of Hacking”. This goes into the whole history of hacking starting with phone phreaking and Blue boxes and to the present state of hacking.
However, a significant portion of this documentary tackles Social Engineering especially the most famous or rather infamous social engineer of all, Kevin Mitnick. Folks in Computer Security should definitely read up on Kevin Mitnick’s books , The Art of Deception and The Art of Intrusion, both very interesting reads.A video used to be embedded here but the service that it was hosted on has shut down.