Tuesday, October 5, 2010

First Diaspora Code Laden with Security Flaws

Project Diaspora recently released the source code of a pre-alpha version of its software, which is meant to be an open, distributed and privacy-aware alternative to Facebook. This allowed developers around the world to look at the innards of Diaspora and start making their own contributions to the development process.

Hackers who have already surveyed the code don't have nice things to say about its security. They identified flaws that would allow potential attackers to compromise users' security in a variety of ways. As the owner of Bingo Card Creator, a Japanese software company, says, there is currently "nothing that you cannot do to someone's Diaspora account", including hijacking user accounts, friending users without their permission, deleting other people's photos, etc.

Certain flaws lead some to question the competency of Diaspora developers, adding to the chorus of voices expressing early disillusionment with the project. Not everyone is as harsh, however, pointing out that this is indeed just a pre-alpha, a first public code release, and that flaws are to be expected. It is probably too early to make final judgments.

Diaspora started as a fund drive for $10,000 to develop a social networking platform that would give its users complete control over their privacy and that would be completely decentralized and open source. The fund drive came at a time of widespread dissatisfaction with Facebook's privacy practices and thus managed to attract a large following, bursting through the set goal of $10,000 to reach over $200,000 in pledges.

Fans of the project, some of whom literally banked on its success, are eager to start deploying it so they can offer it as an alternative to Facebook. However, taking into consideration the security flaws hackers are warning about, it would be a bad idea to deploy the software in a "production" capacity until it is in its final instance. Doing so could easily lead to compromised users and tainted credibility, which would only add to the already extremely difficult task of taking on a social networking giant.

Source: Project Diaspora, The Register
