> Not intended as a dig at facebook specifically, but is this a strong argument
> against trusting your personal data to proprietary software in the cloud?
Not intended to address the specific case, but if you've not looked into web
security before, the Wikipedia pages on "XSS" and "CSRF" are a good grounding
for reading between the lines of many of these terrifying exploits as-reported
in the press, and perspective in the selfsame challenges that *any* web-based
service must overcome - free, libre or proprietary.
It's not enough to just throw "lots of cryptography" at the problem, nor to try
bolting-on security afterwards. It's necessary to address security in the very
architecture, from day 1.
- alec
--
[email protected]
http://www.crypticide.com/dropsafe/