0x0e.org | pentesting perspective

braindump on pentesting, QA, metasploit, constant learning

Framing via Facebook ==> FaceFraming?

with 3 comments

So, i was posting on the wall of a friend in facebook today, alluding to how we should steal my car back from the fascist towing company who took it. I realize it’s probably a bad idea to even hint at this, but what the hell. I can account for my time, and i truly have no intentions of stealing it.

Regardless, it occurred to me that it’s getting easier & easier to damage a reputation online, or to frame someone for a crime they didn’t do.

Imagine if i wanted someone knocked off. If i wanted to create a convincing argument for another person, i could simply log into the framed person’s account, and post a menacing statement like: “I hate everybody today. I think i’m gonna snap soon. @#$# _______” Cheesy? Sure. But convincing enough for a jury? We will see.  It’s now a matter of a public record (how much so depends on your privacy concerns / settings), and can be used against you.

I think we’re going to see a lot more of this type of evidence in the future. Here are a couple examples of it being used in court (drunk driving cases):

Advertisements

Written by jcran

September 30, 2008 at 3:02 AM

Posted in attack, web2.0

Tagged with , , ,

3 Responses

Subscribe to comments with RSS.

  1. What’s more asinine is that in a local kidnap/rape/murder case, they found the guy’s MySpace page where he had the title of a Stellastarr song in his profile: “Sweet Troubled Soul” – The media made a frenzy over it, and it was just a song name in his profile.

    http://www.hyscience.com/archives/2007/06/suspected_kille.php

    He was a deplorable, low-life psycho and he did do all the things he was accused of doing (and I was part of the Search & Rescue team) but I thought it was humorous how the media quickly ran with it long before his trial and before Kelsey’s body was even found.

    ax0n

    September 30, 2008 at 10:51 PM

  2. Take it a step further — why log in at all? You wouldn’t want to leave an artifact in some FaceSpaceTer (you like that, right?) log, would you? Take advantage of any of the growing number of client-side attacks, browser bugs and flaws, and/or poor access control and you’re golden.

    Time to fall off the SocNet grid and hunker down in the Couch Fortress of Solitude. ORIGHT, our data are still floating out there in the cloud.

    Zach

    October 1, 2008 at 3:22 AM

  3. I think some of the social networks are a great method to stay in contact with friends and family but yes some moderation needs to be taken in what is divulged whether it be text or photos.

    Stephen Reese

    October 21, 2008 at 5:19 AM


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: