Teen data on Myspace compromised

Found on The Register on Tuesday, 29 August 2006

A security hole in the popular MySpace social networking site allowed users to view entries marked "private", a crucial protection for users aged under 16, according to weekend reports.

The profile of anyone under 16 was changed so that it was automatically set to "private", a status that users could previously choose, but which was not compulsory. Users over 18 attempting to contact users under 16 now have to type in the child's actual first and last name or email address in order to initiate contact, a move designed to protect children from unsolicited advances.

"Many myspacers use CSS [cascading style sheets] to hide their comments, friends list and blog links," wrote AtariBoy. "These elements are not deleted tho [sic] and are still available publicly to anyone. You can view them by one of two methods below."

So to bypass their security measures, you just have to display the source of the website? That's even worse than those Javascript logins to secure areas. This idea of "protecting" minors is a total failure in itself. Simply lie when you sign up and make yourself younger than you are; no problems anymore. And why would anybody post private information online anyway to begin with? That's like throwing your money on the street, hoping that some signs and a little fence will stop people from taking it.

Browse all articles« Previous « » Next »