Warning: INSERT command denied to user 'dbo292345962'@'74.208.59.105' for table 'watchdog' query: INSERT INTO watchdog (uid, type, message, variables, severity, link, location, referer, hostname, timestamp) VALUES (0, 'php', '%message in %file on line %line.', 'a:4:{s:6:\"%error\";s:12:\"user warning\";s:8:\"%message\";s:400:\"INSERT command denied to user 'dbo292345962'@'74.208.59.105' for table 'captcha_sessions'\nquery: INSERT into captcha_sessions (uid, sid, ip_address, timestamp, form_id, solution, status, attempts) VALUES (0, '09f42bfd920943fbe4d1702c1d526b54', '54.209.18.224', 1545220480, 'comment_form', '15f834e4d61c921fd1c03dccf50162d8', 0, 0)\";s:5:\"%file\";s:62:\"/homepages/25/d199835659/htdocs/ID/modules/captcha/captcha.inc\";s:5:\"%line\";i:99;}& in /homepages/25/d199835659/htdocs/ID/includes/database.mysql.inc on line 135
Facebook Increases Security with HTTPS and Social Friend Captchas | Inferno Development

Facebook Increases Security with HTTPS and Social Friend Captchas

Facebook HTTPS

Today, Mark Zuckerberg's fan page got hijacked by a skilled hacker, who posted something about how Facebook should fund itself through the social network rather than banks. After that, Facebook came out with some new security protocols.

There was also a reddit post about how people are using the image file name schema of Facebook to access strangers' albums and friend networks.

Now HTTPS has been implemented site-wide for Facebook. That seems fine.

However, they've also just implemented something called a social captcha. Basically, you see a picture of your friend and then you have to click on his correct name to confirm you are human.

Well, I thought that was interesting but could very well piss off a lot of people. Some people put any old acquaintance as a Facebook friend, they may not be able to remember his name. With the amount of photos people upload, they may just not even recognize the image itself, if it's not a very clear one.

I have a feeling that social captcha's aren't going to last too long.

mm's picture

Yeah, they are getting quite

Yeah, they are getting quite paranoid. I guess it's just the way things are in such a massive system.

mm's picture

HTTPS seems like a great

HTTPS seems like a great idea, I wonder what prevented them from doing it before. Lack of servers?

Baark's picture

Social captcha's wow. What a

Social captcha's wow. What a stupid idea. Just use a custom captcha service, what's so difficult about that?

Kyle's picture

It's probably not even the

It's probably not even the way the hacker got in in the first place.

L2's picture

Meh, you guys still use

Meh, you guys still use facebook? I never care for it as much ever since college.

pew's picture

It's only a matter of time

It's only a matter of time before they implement the TSA in facebook!!

con's picture

Mark must be really pissed

Mark must be really pissed today after that.

con's picture

Just goes to show you...

Just goes to show you... anyone can be vulnerable!

Dan Killam's picture

It's about time facebook

It's about time facebook added HTTPS, they probably didn't want to spend the money to do it.

The social captchas have been out for awhile now, but they aren't the best. People get tagged in those image things that go around about Best Smile; Nicest Person, etc and how am I supposed to know who that little cartoon character is supposed to be?

Sidenote: don't forget to disable that social update they auto-enabled. The new setting shares your data with non FB websites. Go to Account>Privacy settings>Apps and websites>Edit settings >Instant Personalization & uncheck "Enable."

Nate's picture

Yeah, I'm surprised they

Yeah, I'm surprised they hadn't done this before. I think they're getting a bit too secure with them being the social networking giant ATM. (I don't mean "secure" as in safe from attacks, but more marketshare type stuff)

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account associated with the e-mail address you provide, it will be used to display your avatar.