Swati Khandelwal writes:
Ever wonder how to hack Instagram or how to hack a facebook account? Well, someone just did it!
But, remember, even responsibly reporting a security vulnerability could end up in taking legal actions against you.
(Yeah, I’ve recently been reminded of that myself. :))
An independent security researcher claims he was threatened by Facebook after he responsibly revealed a series of security vulnerabilities and configuration flaws that allowed him to successfully gained access to sensitive data stored on Instagram servers, including:
- Source Code of Instagram website
- SSL Certificates and Private Keys for Instagram
- Keys used to sign authentication cookies
- Personal details of Instagram Users and Employees
- Email server credentials
- Keys for over a half-dozen critical other functions
Read more on The Hacker News.
Shocking. Oh please! There are tens of stories about this issue. You had to feature the one from an Indian that can barely write English and uses Kim K-like headlines.
People who write/report the news are generally not the ones who write the headlines. Swati’s article contained a lot of details and links that I thought readers might find useful. She didn’t just describe Wesley’s research, but included comments and responses on the Facebook threat/issue. If you think there’s better news coverage out there, I’d appreciate it if you would post a link to them as I didn’t see them.