/* ---- Google Analytics Code Below */

Saturday, April 23, 2011

Weapons of Mass Assignment

In CACM: A Technical article, with implications for privacy-aware open source development:

Weapons of Mass Assigment

A Ruby on Rails app highlights some serious, yet easily avoided, security vulnerabilities ...  In May 2010, during a news cycle dominated by users' widespread disgust with Facebook privacy policies, a team of four students from New York University published a request for $10,000 in donations to build a privacy-aware Facebook alternative. The software, Diaspora, would allow users to host their own social networks and own their own data. The team promised to open-source all the code they wrote, guaranteeing the privacy and security of users' data by exposing the code to public scrutiny. With the help of front-page coverage from the New York Times, the team ended up raising more than $200,000. They anticipated launching the service to end users in October 2010 ....  "

More in Diaspora.

No comments: