http://allfacebook.disqus.com/enMon, 31 Mar 2008 08:49:24 -0000http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-1639813Ha! I saw this coming five months ago. Scope this post....<br><br><a href="http://deftlabs.com/2007/10/facebook-application-security/" rel="nofollow">http://deftlabs.com/2007/10/facebook-applicatio...</a>RyanMon, 31 Mar 2008 08:49:24 -0000http://www.allfacebook.com/2008/03/facebook-applications-prove-insecure/#comment-1639812All requests from fb pass a signature using a shared secret key. There is no way a hacker could generate this sig without knowing the secret key. The default libraries use this key to validate the user, so anyone simply following the example apps would have a pretty secure app.TomFri, 28 Mar 2008 11:45:08 -0000