[Infowarrior] - Hackers promise Month of Myspace Bugs

[Richard Forno]

Two hackers, known as Mondo Armando and Müstaschio, don¹t want to disclose
their real names but promise to begin disclosing security vulnerabilities in
MySpace, every day in April. "The purpose of the exercise is not so much to
expose MySpace as a hive of spam and villainy (since everyone knows that
already), but to highlight the monoculture-style danger of extremely popular
websites. We could have just as easily gone after Google or Yahoo or MSN or
IDG or whatever. MySpace is just more fun, and is becoming notoriously
[obnoxious] about responding to security issues," wrote Mondo Armando.

The MySpace hackers launched their project late Thursday expressing
simultaneous enthusiasm and disdain for the task ahead. They intend to
primarily publish cross site scripting bugs, which can allow an attacker to
execute malicious script within a victim's browser, but they may also
publish bugs that affect browsers or technologies like Flash or QuickTime.
Although there are sceptics on what will happen on April Fool¹s day, based
on the duo¹s blog it appears they are serious about the task at hand. Who
wants to take bets on the number they¹ll find in the first month?

http://www.neowin.net/index.php?act=view&id=38874