Hackers show `holes' in sites like MySpace

LAS VEGAS - Social networking Web sites such as MySpace.com are increasingly juicy targets for computer hackers, who are demonstrating a pair of vulnerabilities they claim expose sensitive personal information and could be exploited by online criminals.The flaws are being demonstrated this week at the Black Hat and Defcon hacker conferences, which draw thousands of people to Las Vegas each year for five days of training and demonstrations of the latest exploits.Black Hat, the more genteel of the two events with heavy industry sponsorship and big admission fees, ended Thursday with about 4,000 attendees. Defcon, larger and more roguish, started smoothly Friday, without any of the registration problems that irked fire officials last year and caused lengthy delays. Organizers expect the crowd to exceed last year's attendance of roughly 5,000 people.Infiltrating password-protected social networking sites has been an increasingly fruitful area of study for hobbyists and professional computer security researchers.One hacker, Rick Deacon, a 21-year-old network administrator from Beachwood, Ohio, says he's discovered a so-called "zero-day" flaw - a problem that hasn't been patched yet - in MySpace that allows intruders to commandeer personal Web pages and possibly inject malicious code.Deacon is scheduled to present his findings Sunday. So far, it only affects older versions of the Firefox Web browser and does not affect Internet Explorer,