Denial-of-Service Attack Against Facebook

Another technique, reported a week or two ago, is to create a new Facebook group, add the intended target as administrator, and then post material which contravenes Facebook’s terms and conditions. Voila: all administrative accounts for the group are disabled.

Rusty • January 9, 2013 11:09 AM

All the experimental indications are that you only need an obit with a vaguely similar name. No need to fake, just google. Maybe they’ll tighten it a bit now, but it appears this has been an open issue since at least 2009.

Dave • January 9, 2013 12:34 PM

There’s a flip side too, a Facebook user who was a personal friend died (at a tragically young age) and the reminders from FB were upsetting to some. That issue was resolved, though. All-in-all there’s a balance and I think social media are useful even if not ideal.

Dave

wiredog • January 9, 2013 12:57 PM

Given that Rusty hardly ever posts to his own website, it was probably easy to fake his death.

J. • January 10, 2013 3:30 AM

I hope they have safeguards against repeated attacks.

Andre DeMarre • January 10, 2013 6:11 PM

This isn’t new:
http://jeremiahgrossman.blogspot.com/2011/03/robert-rsnake-hansen-age-34-has-passed.html

Two years ago internet security researcher Robert Hansen, aka RSnake, announced he would leave the web app sec research scene and stop blogging. His peers performed this same attack to “memorialize” his Facebook persona.

Mv • January 11, 2013 1:57 AM

relevant. Elvis is alive!
http://www.isxdead.com/person/10783/Elvis%20Presley

Schneier on Security

Comments

There’s a flip side too, a Facebook user who was a personal friend died (at a tragically young age) and the reminders from FB were upsetting to some. That issue was resolved, though. All-in-all there’s a balance and I think social media are useful even if not ideal.

Leave a comment Cancel reply