• On TechRepublic: 10 cool USB flash drive tricks
October 7, 2009 1:02 PM PDT

Oops! Hack lets anybody join the MySpace network on Facebook

by Caroline McCarthy
  • Font size
  • Print
  • 12 comments

I'm not an employee of MySpace, but I was able to join its Facebook network.

(Credit: Facebook)

I do not work for MySpace. But my Facebook profile now says I do, thanks to what appears to be a sneaky little flaw in MySpace's recently launched e-mail client.

Professional networks on Facebook are intended to be limited to employees, and require a corporate e-mail address to which Facebook sends a confirmation e-mail to verify accuracy. But when MySpace launched MySpace Mail this summer, it made e-mail addresses with the myspace.com domain--which is also used internally for corporate e-mail--available to any members of the News Corp.-owned social network.

A reader tipped off CNET News to the hack, which requires a little bit of HTML know-how. We're not going to give detailed instructions out of the interest of MySpace employees' own security--and it looks like Facebook has put a fix in place, because when a CNET colleague used a MySpace Mail address to register around 2:40 p.m. PT on Wednesday, he was informed that the address was invalid.

See what happens?

(Credit: Facebook)

In vague terms, it looks like MySpace was aware of the fact that members might try to register for its network on Facebook, because the confirmation link to Facebook does not work in MySpace Mail, nor does copy-pasting it. Basically, it's mangled somehow. But, the tipster explained, the real link is still in the page's HTML source. And indeed, I was able to join MySpace's network on Facebook.

This does have security implications, because many Facebook members limit some of their profile data to people who went to their schools or work for the same company--Facebook first launched corporate networks in the spring of 2005. Many may display their cell phone numbers, photo albums, or home addresses only to college alumni or co-workers.

It's an issue for Facebook as well because the massive social site does have an obligation to make sure that its restricted networks don't lie fallow. If there's a change in corporate e-mail structure at a company with a Facebook network, particularly a big one, that can mean something big with regard to potentially thousands of Facebook members' security.

A MySpace representative told CNET News that the company was looking into the matter and would be able to comment soon.

This post was updated at 2:44 p.m. PT on Wednesday to note that the problem appears to have been corrected by Facebook.

Caroline McCarthy, a CNET News staff writer, is a downtown Manhattanite happily addicted to social-media tools and restaurant blogs. Her pre-CNET resume includes interning at an IT security firm and brewing cappuccinos. E-mail Caroline.
Topics:

,

Tags:

MySpace,

Facebook,

e-mail,

MySpace Mail,

social networking,

security

Share:
Digg
Del.icio.us
Reddit
Recent posts from The Social
Brangelina kiss lands Paul Allen on TMZ
Tweeting a book by its cover
EA's game arsenal coming to Facebook?
Google aims for cute with Super Bowl ad
More social, please: Facebook nixes banner ads
Groupon announces 'live off our deals' stunt
AOL brings back ex-exec as media overlord
Sci-fi writers' group vaporizes Amazon links
Related
Social-networking spam hit business hard in '09
MySpace restores Imeem playlists
Verizon Wireless dishes up Motorola Devour
Finally! Comment on Facebook through e-mail
MySpace's first foray into Facebook Connect
Police want backdoor to Web users' private data
Buzz Out Loud Podcast 1144: What's Google really doing in China?
Blogging declines among teens, young adults
Add a Comment (Log in or register) (12 Comments)
  • prev
  • next
by ducttape36 October 7, 2009 1:37 PM PDT
this is why you dont ever post information that is too personal on the web. I'm still impressed everytime i see a public group like "OMG I've lost everyones phone number, post it here!" and people actually post their phone numbers for all to see. <br /> <br />I use facebook, but i don't have my address or phone number on there. My friends know how to reach me, they dont need social networking to remind them.
Reply to this comment
by rayzoredge October 8, 2009 6:30 AM PDT
I wouldn't call it being impressed.<br /><br />I personally just do a mental facepalm. Move along, nothing new to see here...
by Hunnter2k3 October 7, 2009 1:38 PM PDT
Wow, they never thought that one through, did they? Hah<br /><br />They could have made it MyspaceMail.com or similar to help prevent conflicts.
Reply to this comment
by sabbatic42 October 7, 2009 3:15 PM PDT
Actually, I'm pretty sure this happens with more than a few companies. FB is constantly suggesting people who supposedly work at some company where I used to work, and I know they never have.
Reply to this comment
by ca5ter October 7, 2009 8:11 PM PDT
Blah
Reply to this comment
by Mr.Whippy October 7, 2009 9:16 PM PDT
Facebook is for morons. If you're on there but I'm not. I know more about you than you do about me. Don't you think that puts you at a disadvantage.<br /><br />Oh and by the way, We're all over Facebook. Can we get back to talking about girls please.
Reply to this comment
by chaiguy October 7, 2009 11:18 PM PDT
So no one else sees the irony of having a "myspace network" on facebook huh?
Reply to this comment
by rayzoredge October 8, 2009 6:29 AM PDT
Nice.
by fun2program8 October 8, 2009 2:05 PM PDT
Wow... I totally missed that. +1
by Omelan October 11, 2009 9:19 AM PDT
Why are Myspace employees on Facebook?
Reply to this comment
by musicmoveus October 22, 2009 6:03 AM PDT
All new to me, however, pretty sure anything you ever put online can be accessed, if it's important enough for someone to take the time. If you don't want it known, don't type it, talk it or do it. I like <br />my privacy, still I realize everything I just typed has the potential to be seen ww yep world wide! <br />No negatives, just observations. <br />Lee Goodwin Jr.
Reply to this comment
by patada78 November 5, 2009 2:45 PM PST
technology is powerful
Reply to this comment
(12 Comments)
  • prev
  • next
advertisement

Google's social side aims for some Buzz

Facebook and Twitter are the darlings of the social-media world, not Google--which hopes to change that with Buzz, betting it can organize your online social life.

Watching the birth of a gaming start-up

Stewart Butterfield and his friends are back at it with a new company. CNET's Daniel Terdiman was given exclusive, behind-the-scenes access as they built it from scratch.

About The Social

CNET News' Caroline McCarthy is a downtown Manhattanite who believes that, despite popular opinion, the Web can actually help your social life. She's happily addicted to fun social-media tools from Twitter to Yelp to Facebook, sends an inordinate number of text messages, and has a tendency to waste time at the office reading restaurant blogs. Here, she explores all facets of the Web's gregarious side, as well as the unique tech culture in her home city of New York. (Don't call it Silicon Alley.)

Add this feed to your online news reader

The Social topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET