?

Log in

No account? Create an account
PSA about LJ: Random access to other users' accounts - Sauntering Vaguely Downward [entries|archive|friends|userinfo]
Mad Scientess Jane Expat

Serious Business | Flickr
Bounty Information | Wanted Dead or Alive: Mad Scientess Nanila
Deeds of Derring-Do | Full of Wild Inaccuracies and Exaggerations

PSA about LJ: Random access to other users' accounts [20111027|11:53]
Mad Scientess Jane Expat
[Tags|, ]
[the weather today is |annoyed]

If you are not already aware of this, your LiveJournal is presently not secure. Some users, when they have logged in, have discovered that they have access to other users' accounts - people who are not on their friends lists. The access includes the ability to view and edit locked and private content. LiveJournal staff have yet to comment on the issue.

If anyone would, say, like to delete their LJ account temporarily but still be able to blog, I have 24 DreamWidth invite codes available. Leave a comment or e-mail me at nanila at livejournal dot com to receive one. I'll be leaving my LJ up long enough for people to respond to this today, but if the issue isn't resolved before that, I'll be deleting until it's fixed.

ETA on 28/10/2011: It appears that the random access issue has been fixed.
linkReply

Comments:
[User Picture]From: ginasketch
2011-10-27 06:58 (UTC)
Well this explains why my LJ menu was in Russian a few days ago. :/
(Reply) (Thread)
[User Picture]From: nanila
2011-10-28 06:42 (UTC)
Yes, apparently the random access only lasted a few minutes (see link in edited entry). So that's a bit of a relief, although it's still a pretty serious security breach.
(Reply) (Parent) (Thread)
[User Picture]From: anthrokeight
2011-10-27 09:19 (UTC)
i'd like an invite please
(Reply) (Thread)
[User Picture]From: nanila
2011-10-28 06:42 (UTC)
Sent one to your gmail!
(Reply) (Parent) (Thread)
From: pbristow
2011-10-27 11:49 (UTC)
Thankyou. Signal boosted.
(Reply) (Thread)
[User Picture]From: nanila
2011-10-28 06:43 (UTC)
Cool. See the update - apparently the random access glitch only lasted for three minutes. Still a worrying security breach, but it means I won't be deleting temporarily.
(Reply) (Parent) (Thread)
From: pbristow
2011-10-28 09:33 (UTC)
That's what they're claiming, but that's not what the various user reports indicate. Instances of the problem were reported several hours apart, and apparently gave users more access to things than LJ are admitting to. =:o{

http://lj-maintenance.livejournal.com/131843.html#comments

And to add insult to injury, the recent changes have also broken the mechanism for exporting data from one's journal to (a) other sites (such as DreamWidth) or (b) a backup on one's own PC. So people who would like to backup their journals in preparation for jumping ship if necessary, can't. Gosh, what a clever way to stir up paranoia amongst the users! =:o\

Major, major screw-up.
(Reply) (Parent) (Thread)
[User Picture]From: nanila
2011-10-28 10:21 (UTC)
They've broken the export function?! Greeeat. OK, I may just have to take a week or something to bung all my old photos onto Picasa and replace the links in my DW so there's nothing on LJ any more, and then I can stop paying them. GAH.
(Reply) (Parent) (Thread)
[User Picture]From: impix
2011-10-27 14:11 (UTC)

Gah. Thanks for the tip off. Xx

(Reply) (Thread)
[User Picture]From: nanila
2011-10-28 06:44 (UTC)
You're welcome. It looks like it's been fixed now.
(Reply) (Parent) (Thread)
[User Picture]From: cosmiccircus
2011-10-27 21:18 (UTC)
So are you going to stay or go? I'll take a dreamwidth code if you're going to go...

I wouldn't mind facebooking you sometime either...
(Reply) (Thread)
[User Picture]From: nanila
2011-10-28 06:46 (UTC)
Even if I had gone, it would only have been until the random access glitch was fixed. It lasted for three minutes, apparently (see updated entry).

As for FB, I rarely use it. I can only be bothered to log in once a week for about five minutes to check on family members, so it isn't a good way to get in touch with me!
(Reply) (Parent) (Thread)
(Deleted comment)
[User Picture]From: nanila
2011-10-28 10:19 (UTC)
Yes, well, that said, there was a whole lot more in that update that still seems to be broken. For instance, the first time I typed this comment, I got logged out in the middle of it. :/
(Reply) (Parent) (Thread)