MySpace Hacker: Fix Is Flawed

Sometimes, it's not curiosity, recognition, or money that motivates a bugfinder. The hacker who exposed the latest MySpace vulnerability did so because he needed a zero day to qualify for a special hacker team.

Kuza55, who released proof-of-concept code on a zero-day vulnerability on MySpace this week, says he had never before checked the social networking site for holes. "I was prompted to find the MySpace vulnerability because I wanted to join the zero-day team so that I could see other people's research and ideas," he says. "And they had asked for a zero-day to show that I actually had some skills and could contribute to the group." Dark Reading - Desktop Security - MySpace Hacker: Fix Is Flawed - Security News Analysis

Linked by shanmuga Thursday, 26th October 2006 11:18PM