News

Tony Blair's hacked Facebook profile contains a serious message

27 April 2009

Politics aside, the recent hack of Tony Blair’s Faith Foundation Facebook page reveals a serious problem with the application used in the page’s creation, says application vulnerability specialist, Fortify Software.

"Reports suggest that Tony Blair's Faith Foundation Facebook page has been defaced with references to Martin Sheen, the actor who played the US President in the TV drama The West Wing," said Richard Kirk, Fortify's European director.
 
"The fact that his page was hackable, however, highlights the need to include code auditing in the software development process, something that whoever created the Facebook application used by the Faith Foundation appears to have overlooked," he remarked.
 
Given the abundance of hacking activity on web portals, Kirk stresses that any company planning to show its pages on the internet – which includes most firms – needs to take care when code auditing the pages as well as any applications used.

This is especially important for Web 2.0 services such as Facebook, says Kirk, where the extensible nature of the internet environment allows users to program their own applets.

"We have reached the stage where interactivity is king on the internet, but it also brings with it the potentially serious problem of IT security. Web 2.0 significantly changes the security paradigm," he said.
 
"Anyone coding software that includes any element of internet interaction, and not just Web 2.0 environments, needs to be aware of the risks, and the fact that hackers are every bit as code-savvy as they are, if not more so," he added.
 

 
