Comments on: Facebook Applications Prove Insecure http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/ The Unofficial Facebook Blog - Facebook News and More! Fri, 21 Nov 2008 23:06:37 +0000 http://wordpress.org/?v=2.6.1 By: Ryan http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-8425 Ryan Mon, 31 Mar 2008 12:49:24 +0000 http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-8425 Ha! I saw this coming five months ago. Scope this post.... http://deftlabs.com/2007/10/facebook-application-security/ Ha! I saw this coming five months ago. Scope this post….

http://deftlabs.com/2007/10/facebook-application-security/

]]> By: Ryan http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-14164 Ryan Mon, 31 Mar 2008 12:49:24 +0000 http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-14164 Ha! I saw this coming five months ago. Scope this post....<br><br><a href="http://deftlabs.com/2007/10/facebook-application-security/">http://deftlabs.com/2007/10/facebook-applicatio...</a> Ha! I saw this coming five months ago. Scope this post….

http://deftlabs.com/2007/10/facebook-applicatio...

]]> By: Tom http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-8391 Tom Fri, 28 Mar 2008 15:45:08 +0000 http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-8391 All requests from fb pass a signature using a shared secret key. There is no way a hacker could generate this sig without knowing the secret key. The default libraries use this key to validate the user, so anyone simply following the example apps would have a pretty secure app. All requests from fb pass a signature using a shared secret key. There is no way a hacker could generate this sig without knowing the secret key. The default libraries use this key to validate the user, so anyone simply following the example apps would have a pretty secure app.

]]> By: Tom http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-14163 Tom Fri, 28 Mar 2008 15:45:08 +0000 http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-14163 All requests from fb pass a signature using a shared secret key. There is no way a hacker could generate this sig without knowing the secret key. The default libraries use this key to validate the user, so anyone simply following the example apps would have a pretty secure app. All requests from fb pass a signature using a shared secret key. There is no way a hacker could generate this sig without knowing the secret key. The default libraries use this key to validate the user, so anyone simply following the example apps would have a pretty secure app.

]]>