// TODO: no error checking - we’re bold…

This has to be the best code comment ever. Not very intelligent, but humorous at least. It probably explains why the application got hacked 45 minutes after launching on the web. The victim was John McCrea, Plaxo’s VP of Marketing, using the first web application based on Google’s new OpenSocial APIs.

If you’re curious, OpenSocial is Google’s new interface for creating widgets/gadgets/apps for social networking platforms. Its partners currently include Engage.com, Friendster, hi5, Hyves, imeem, LinkedIn, MySpace, Ning, Oracle, orkut, Plaxo, Salesforce.com, Six Apart, Tianji, Viadeo, and XING. There is no information yet on whether Facebook, Microsoft, or Yahoo will be joining the initiative. If it makes its way to Facebook at some point, you’ll want to be aware of it for the simple reason that a poorly coded application can be vulnerable to attack. Some existing Facebook applications have vulnerabilities, but for the most part they are limited.

Source:
Techcrunch – First OpenSocial Application Hacked Within 45 Minutes