Facebook Engineer Dared Colleagues to Hack Him

Personal account privately compromised, but not company systems

View Comments (
)
|
Email
|
Print

    NEWSLETTERS

    AFP/Getty Images
    The logo of social networking website 'Facebook' is displayed on a computer screen in London, 12 December 2007. AFP PHOTO/LEON NEAL (Photo credit should read Leon Neal/AFP/Getty Images)

    Facebook security specialist Pedram Keyani issued his colleagues a challenge after the Federal Trade Commission gave Twitter a slap on the wrist for security breaches: Keyani dared fellow engineers to try to hack into the company's systems.

    The effort succeeded through failure -- while Keyani's personal Facebook account and systems were compromised, nobody managed to gain access to company secrets or systems.

    Keyani's personal account was unlocked by tricking his machine to connect to an unsecured wireless router that mimicked the secure, encrypted one Keyani's machine normally connected to.

    From there, the hackers had access to Keyani's wireless network and could monitor his online traffic.

    But they couldn't get around the security in place to protect the company's operations, so Keyani deemed the test a success.

    It is common practice for companies to hire security consultants to try to hack into a system in order to find potential vulnerabilities, so an internal test is perfectly sensible.

    So score one for team Facebook in terms of protecting user privacy by checking to see if all the virtual doors are locked.

    Jackson West avoided using "exploiting back end vulnerability" for a cheap and easy laugh.