
Very disappointing comment. Everybody is free to choose to use Facebook or not to use it. I chose not to use it, but I do not have the right or any moral obligation to stop others from using it. This guy did not have the right - and fortunately chose not to exercise it - to mess with other people's free choices in life. Besides that, the likely only effect any activity like you are suggesting would have had is that he would have ended up in jail and Facebook would merrily continue.


Seeing as it's a brute-force per-account attack, a more accurate title would have been "How I could have hacked any Facebook account". Hacking "all of Facebook" would have been prohibitively resource-intensive for the hacker, and would likely have been caught and shut down before any real damage to the platform was done.


The hacker could have worked with the black market. They could use a botnet to slowly hack a large percentage of FB potentially. Seeing as how they disabled rate-limiting on a public-facing beta with user data, why assume they would notice brute forcing against beta?


The attack involves resetting the user's password, which would have made the original user unable to access their own account until they reset the password back. After several such incidents were reported, Facebook likely would have cottoned on.


This alone would be enough to permanently cripple Facebook in the eyes of the public if applied "correctly."

The iCloud/Fappening totally wasn't a big deal either, right? /s


Apple wasn't brought down by the fappening.


Ok, we changed the title to say "any" rather than "all".



