The Facebook "Osama Dead" Worm - makmanalp
http://67.23.246.232/bl.js

======
makmanalp
The actual link to the Facebook page this spreads from is here:

[http://www.facebook.com/pages/Osama-is-Dead-Watch-the-Video/...](http://www.facebook.com/pages/Osama-is-Dead-Watch-the-Video/202284626477244)

Apparently people do actually copy the JavaScript and paste it into the URL
bar, effectively getting past cross-domain XHR restrictions.

This looks like another interesting case of "why Johnny can't notice security
risks". How does one mitigate something like this other than expecting users
to be knowledgeable?