Facebook security cracked by company employees

Two weeks ago, Twitter has settled FTC charges that it deceived consumers and put their privacy at risk, since security lapses allowed hackers to obtain administrative control its system.

This was the first case of this kind that the FTC brought against a social networking service, and Facebook has obviously taken it as a warning and an incentive to thoroughly check its own defenses.

As TechCrunch reports – a senior Facebook engineer whose work centers on site reliability has issued a challenge to all company employees – they have been given permission to try any tactic they can think of in order to obtain information from him that could lead to a compromise of Facebook’s administrative system.

Does it surprise anyone that they succeeded? Granted, it took them a couple of weeks, but they supposedly managed to compromise his home WiFi network by intercepting his WPA password when he logged in into a rogue Wi-Fi router set up by them.

Gaining further information and passwords was, at this point, an easy thing to accomplish – they simply monitored his Internet activity and got hold of the (unencrypted?) data transmitted – passwords and all.

If anything is to be learned from this instance, it’s how difficult it is to protect oneself from attackers who have the means and the motivation to spend a lot of time assaulting a particular target. What makes is so scary is the fact that Facebook keeps so much information about its users.