Examining the leaked code reveals vulnerabilities in Facebook's applications that could be exploited, a developer said.
Facebook source code has been leaked on the Web, and that's raising some serious issues about the site's security and data privacy.
Source code from the social networking site's main index page appeared on a blog called Facebook Secrets recently and remained there Tuesday. The blog does not contain any other postings.
"A small fraction of the code that displays Facebook Web pages was exposed to a small number of users due to a single misconfigured Web server that was fixed immediately," a Facebook spokesperson said Tuesday. "It was not a security breach and did not compromise user data in any way."
Still, developer Nik Cubrilovic wrote in a TechCrunch blog posting that the leaked code could reveal vulnerabilities in Facebook's applications that could be exploited.
"From just this single page of source code, a lot can be said and extrapolated about the rest of the Facebook application and platform," he said. "At a quick glance, I know that I can see some obvious things in the code that both reveal certain hidden aspects of the platform and give a potential attacker a good head start."
He said Facebook would need to work quickly to "mitigate the risk to users," adding that hackers were already examining the code.
Public relations firm xyzPR said the leak raises other concerns about Facebook's overall security and data privacy.
"If the main source code for a site can be leaked, then it can be said that almost anything is possible," the PR firm reported through a press release on FastPitch. "Facebook has become such a success and has such a high profile that it has become a magnet for attacks against its systems."
Facebook disagreed and warned others not to publish or distribute the code.
"Because the code that was released only powers the Facebook user interface, it offers no useful insight into the inner workings of Facebook," a Facebook spokesperson said. "The reprinting of this code violates several laws and we ask that people not distribute it further."
The Agile ArchiveWhen it comes to managing data, don’t look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
2014 Analytics, BI, and Information Management SurveyIT’s tried for years to simplify data analytics and business intelligence efforts. Have visual analysis tools and Hadoop and NoSQL databases helped? Respondents to our 2014 InformationWeek Analytics, Business Intelligence, and Information Management Survey have a mixed outlook.
Join InformationWeek’s Lorna Garey and Mike Healey, president of Yeoman Technology Group, an engineering and research firm focused on maximizing technology investments, to discuss the right way to go digital.