快猫短视频

MySpace hacker gets his profile deleted

After demonstrating how to hack into other users' accounts, a US college student was humbled to find his own account disabled

After demonstrating a trick for hacking into other users鈥

accounts at a prominent computer security conference on Sunday, a US college student was humbled to find his own account disabled.

Rick Deacon, a student at the University of Akron in Cleveland, Ohio, US, revealed several techniques aimed at gaining access to other users鈥 MySpace accounts at the conference in Las Vegas, Nevada, US.

Shortly after his demonstrations, however, Deacon found a message in his MySpace inbox informing him that his account had been suspended for violation of the site鈥檚 terms of use. 鈥淚n retrospect, I should have used a dummy account,鈥 he told AFP.

The hacking techniques demonstrated by Deacon included a technique known as cross-site scripting, which involves adding extra information to a trusted web page in order to mislead a user or to perform to a remote action on their machine, via the web browser.

Cookie catching

By tricking a victim into clicking on a link, Deacon showed that it is possible to capture the web browser file, known as a 鈥渃ookie鈥, which automatically logs a user into the site. This can then be used to access their account, Deacon said.

The vulnerability has not been verified independently, but Deacon appeared to demonstrate it live before his audience. He also claimed that he alerted MySpace to the problem some weeks ago but that the site had not responded. Now, however, MySpace has patched the vulnerability.

Bruce Schneier, a renowned computer security expert with , based in California, US, says the demonstration highlights a trend in the computer security community, which has seen experts probe social networking sites more and more.

鈥淚t鈥檚 not that MySpace is worse than anything else,鈥 he told 快猫短视频. 鈥淚t鈥檚 just that social networking sites are becoming juicier targets.鈥

Risky business

A survey carried out by the and software firm in October 2006 suggests that people who use social networking sites often engage in 鈥渞isky鈥 behaviour online. Some 74% of users said they would divulge personal information, including email addresses and birthdays, through such sites. The report suggests that this could increase the risk of online identity theft.

鈥淎s more and more people rely on MySpace for their social interactions and for their personal information, you鈥檙e going to see more of these hacks,鈥 Schneier says.

Deacon appeared humbled by having his accounted deleted. 鈥淚f you talk to them, tell them I鈥檓 sorry,鈥 he told reporters at DEFCON. 鈥淚鈥檒l keep my new MySpace account as what it should be 鈥 a place for talking to my friends.鈥