Ssshhhh, the Winklevoss twins don’t want you to know this: The uber-bros recently received $65 million from Facebook founder Mark Zuckerberg in a confidential settlement ending the lawsuit over who really, really started Facebook. But the Brothers Winklevoss aren’t satisfied; they want the verdict overturned. Why, you ask? Probably because they were paid largely in Zuckerberg Bucks (a.k.a. Facebook stock). According to Valleywag:

ConnectU’s settlement was issued in common shares. And an appraisal Facebook conducted to value the shares it issued to employees valued the company at $3.7 billion, or $8.88 a share — making the stock part of ConnectU’s payment only worth $11 million, and the total $31 million.

Only $31 million? Oh, but it gets worse. From Valleywag:

An informal market for Facebook stock exists, though it’s not publicly traded. Vulture investors are offering to buy shares for as little as $2.50 apiece. At that price, the company as a whole is worth $1.3 billion. That’s less than Yahoo reportedly bid for the company in 2006.

With share price falling, what’s a young Zuckerprince to do? After the jump, predictions for Facebook’s grim future. Read the rest of this entry »

Remember identical twins Tyler and Cameron Winklevoss, Harvard ‘04, the ones who claimed four years ago that Zuckerberg stole Facebook from their original site ConnectU?  Yeah, they’re still desperately seeking justice in the form of cash and shares, with ongoing litigation regarding their settlement with Facebook and the value of the stock.  But lately it looks like these suckers are back in the news for another reason.

Only this time Zuckerberg definitely won’t be stealing their thunder, or their gold.  The Winklevoss twins will be rowing as a pretty pair in this summer’s Beijing Olympics.

Read the rest of this entry »

Last week Facebook got hacked, and nerds everywhere luxuriated in the “elegance” of the reigning king of college networking’s code.  This week ConnectU got hacked.  And elegant it wasn’t.  Reluctant hacker Brendan O’Connor (full disclosure: he is Guest Editor Maureen’s brother, and a Stanford grad, which is so gauche, but bear with us) stumbled into “one of the most basic security flaws possible in a website,” enabling him to browse ConnectU’s databases — including passwords and “private” material.

Having just read IvyGate’s Facebook v. ConnectU coverage, Brendan decided to take a spin on the latter website by typing his last name — O’Connor — into ConnectU’s search engine.  Since apostrophes are part of SQL programming language, the inclusion of the unexpected keystroke let O’Connor break out of the last_name field and “inject arbitrary commands” straight into ConnectU’s inner machinery.  This is the hack known as the SQL injection.  He explains

While Facebook recently had a minor security-related glitch, ConnectU’s flaw is far more serious. A malicious attacker could use this to easily break into user accounts, damage or delete internal databases, or probably much worse. … This bug is one of the most elementary security bugs that can exist in a PHP website. It’s a clear sign of a shoddy, amateurish effort; my coworker Dave Fayram, a web engineering expert, describes it as “shameful.”

And what did our malicious attacker do with his injection?  Discovered that 192 people use the password “password,” and then alerted ConnectU to the breach so they’d have time to fix it before he posted it on his blog.  Blame it on Stanford’s IHUM requirement; the guy has an annoyingly strong sense of morality. –MAUREEN O’CONNOR

At 12:54AM on August 11, 2007 a blog entitled Facebook Secrets went live.  Which would have been cool, but it was just a bunch of computer code garbledy-gook.  Luckily, college has this habit of turning out computer scientists along with its IvyGate editors, so we have since ascertained that said garbledy-gook was actually an unauthorized leak of Facebook’s main source code, prompting questions about the mega-popular site’s security.