Facebook is downplaying the impact of a misconfigured server over the weekend that revealed the source code powering the social networking site, saying it posed no threat to data security.Nonetheless, Facebook warned that republishing the code is against the law as copies of it proliferated on blogs and other websites. The blog Facebook Secrets is widely credited as first publishing the code.“It was not a security breach and did not compromise user data in any way,” according to a post by Facebook spokeswoman Brandee Barker on the Techcrunch blog. “The reprinting of this code violates several laws, and we ask that people not distribute it further.”If an Apache Web server is misconfigured, it’s possible for the server to publish files of PHP—a programming language used to create dynamic webpages—as regular text files, said Ronald van den Heetkamp, who runs the blog “The Hacker Webzine.” Social networking sites have become an increasing security concern due to the vast amounts of personal data that could potentially be used for identity theft and other scams.Commentators on Facebook Secrets differed somewhat over the significance of the code’s release, which some characterized as a sloppy smattering of PHP to others who found the code an intellectual curiosity. “There is nothing special or unique for you to see here, just the working framework for a PHP-built site,” wrote a commentator under the name “Azzam.” “Anyway, the media has played some hype on you and the leak is nothing but a tech glitch.” Others who saw the code generally agreed with Facebook’s evaluation of the mistake.“This is hardly any threat to Facebook, as this source code exposes nothing overly sensitive other than their naming conventions of functions and objects,” wrote a user under the name Shelley. “That said, as a programmer, I did enjoy the chance to see how some people approached making a social site like that from a logic stand point. Good read!” — Jeremy Kirk, IDG News Service (London Bureau) Related content news Gitlab fixes bug that exploited internal policies to trigger hostile pipelines It was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies. By Shweta Sharma Sep 21, 2023 3 mins Vulnerabilities Security feature Key findings from the CISA 2022 Top Routinely Exploited Vulnerabilities report CISA’s recommendations for vendors, developers, and end-users promote a more secure software ecosystem. By Chris Hughes Sep 21, 2023 8 mins Zero Trust Threat and Vulnerability Management Security Practices news Insider risks are getting increasingly costly The cost of cybersecurity threats caused by organization insiders rose over the course of 2023, according to a new report from the Ponemon Institute and DTEX Systems. By Jon Gold Sep 20, 2023 3 mins Budget Data and Information Security news US cyber insurance claims spike amid ransomware, funds transfer fraud, BEC attacks Cyber insurance claims frequency increased by 12% in the first half of 2023 while claims severity increased by 42% with an average loss amount of more than $115,000. By Michael Hill Sep 20, 2023 3 mins Insurance Industry Risk Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe