Xanda's Blog !~!

Facebook Identity Can be Compromised Just by Reading Forum Posts


I’ve stumbled across a small security vulnerability in Facebook that, after some thought, turned out to be a way to launch a powerful and surprising attack.

The attack allows personal information including full name, profile picture, and friends list to leak to an eagerly awaiting hacker. The uniqueness of this attack, is that the unaware user’s data may be stolen when she is surfing a legitimate, trusted site, not a site controlled by the attacker.

[Read MORE]

What happened to Milw0rm and Packetstorm


Mubic asked:

Str0ke said:

Mubic asked again:

And Str0ke answered:



ClientMe – Yet Another Client Side Honeypot

It is now in early implementation phase

P/S: This project insyaallah will be my master degree’s project at the same time

[updated on 25th August 2009, 11:01PM (GMT +8)]

ClientMe is now in v 0.01 Alpha [see HERE]

Facebook : Service Unavailable – DNS failure


dig seems to be OK

I’m still waiting for the news of why this thing happened..


I used “dig facebook.com” and not “dig www.facebook.com”.. ARGH!!!! Anyone has dig result for www.facebook.com? I pretty much believe that it has something to do with Akmai’s distributed servers


hi all, i believe that, this issues come some the distributed akmai server. If you are on Linux/Unix/Mac, this is what you can do:-

sudo -i
echo "  www.facebook.com" >> /etc/hosts

then start browsing to facebook 🙂

Facebook privacy: A guide


Title: Facebook privacy: a guide
Author: Jacqui Cheng
Source: Arstechnica
Date Published: 14th August 2009


….Facebook has decent privacy controls, but most users don’t
realize how to take full advantage of them. Ars guides you through
Facebook’s privacy settings so that you can be both social and
respectable at the same time……

Posted in /dev/project page.

Please refer here: http://www.xanda.org/index.php?page=facebook-privacy-a-guide