The Null Device

2005/10/15

A user of the social-network site MySpace has found a novel way of making lots of friends: by inserting a piece of JavaScript code into his page which caused all viewers to friend him:

The next step was to simply instruct the Web browser to load a MySpace URL that would automatically invite Samy as a friend, and later add him as a "hero" to the visitor's own profile page. To do this without a user's knowledge, the code utilized XMLHTTPRequest - a JavaScript object used in AJAX, or Web 2.0, applications such as Google Maps.

Taking the hack even further, Samy realized that he could simply insert the entire script into the visiting user's profile, creating a replicating worm. "So if 5 people viewed my profile, that's 5 new friends. If 5 people viewed each of their profiles, that's 25 more new friends," Samy explained.

For a brief time, Samy had more than one million new friends. Then MySpace noticed that something strange was happening, shut the site down and cleaned the script off users' pages. Google's Evan Martin has an analysis of the code.

(via /.) ¶ hacks making friends myspace risks security social software worms 1

The Null Device, being a stream of links and commentary on culture, technology, current events and whatever the author finds interesting.

With your host, acb.

This site makes no pretense of being objective and no guarantees of accuracy.

As this blog is produced in a facility that processes sarcasm, individual posts may contain traces of sarcasm.

S	M	T	W	þ	F	Sa
«	Oct 2005					»
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31