| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 16 Jan 2010 07:39:25 -0500
From: Michael Scheidell <scheidell@...nap.net>
To: bugtraq@...urityfocus.com
Subject: facebook 'routing flaw'?
AP Report says it was a 'routing problem'? any idea what they are
talking about, do THEY know what they are talking about?
Did AT&T mix up the destination ip addresses? did facebook NOT CHECK IP
ADDRESS AND COOKIES and disable the session when the ip changed?
<http://www.foxnews.com/scitech/2010/01/16/network-flaw-causes-scary-web-error/>
SAN FRANCISCO – A Georgia mother and her two daughters logged onto
Facebook from mobile phones last weekend and wound up in a startling
place: strangers' accounts with full access to troves of private
information.
The glitch — the result of a routing problem at the family's wireless
carrier, AT&T — revealed a little known security flaw with far reaching
implications for everyone on the Internet, not just Facebook users.
--
Michael Scheidell, CTO
Phone: 561-999-5000, x 1259
> *| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best Anti-Spam Product 2008, Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
Powered by blists - more mailing lists