Either it will be the coolest prank in the history of [highlight]April fool’s day[/highlight] on the internet, or MySpace and its users might be in trouble. MOMBY (Month of MySpace Bugs Yuss!) is the official project name. There is humor all over the LiveJournal announcement, but some serious tones as well. The funny parts are standout to anyone, even those who are new to the trend of Month of exploit and bug releases.

This time around the new Month of target, MySpace is singled out because “MySpace is important, in that there are a bazillion users and a kajillion dollars involved,” said Mondo, one of the project creators, on the Full Disclosure mailing list, “Months of Bugs are whiny, attention-seeking ploys for acceptance. MySpace’s design use is to enable whiny, attention-seeking ploys for acceptance.”

The types of bugs allowed will be serious. However according to the announcement, most of the items planned for posting are, “silly XSS/misleading CSS style bugs that MySpace users may actually be able to use,” the creators said. The bugs disclosed will affect MySpace in one way or another. “But in the end, the only requirement is that all bugs posted as part of MOMBY MUST have an attached PoC (Proof of Concept) that touches Myspace.com, somewhere.” This means that known and unknown bugs are FAIR game and that almost anything could qualify as long as it is attached in one form or another to MySpace.

The creators of the project are quick to insist this is not a JOKE; the humor is that the “Month of” releases are a joke in their opinions, and are quickly loosing the value they should have. “Months of Bugs are annoying, so rather than suffering through another, we figured it'd be better to just create our own where we could at least direct the CONTENT a little.”

MySpace has had its share of known exploits and bugs in the past year. Some were fixed and there are rumors of more of them that were never fixed. You might recall the release of a text file with several thousand usernames and account passwords because of a Phishing attack, which targeted users of MySpace. There was also the WMF bug that allowed spyware to be installed on computers using Internet Explorer.

The bugs disclosed, if legit, will shine the security spotlight on the social network portal once again, and they will either have to react and patch them, or ignore them and hope they go away. News Corp does not need negative press, so if the bugs released are serious, or just pranks, they should move quickly to patch them. If that happens, maybe there will be a collective “Yuss!” from its users.

http://tech.monstersandcritics.com/news/article_1279518.php/MySpace_gets_its_own_Month_of_BugsWhen I see it I'll believe it. Never had much belief in people that tout their horns before actually doing or demonstrating anything.I suggest having a "close down Myspace.com 24/7" day.