It turns out that announcers, thanks to a security key, had the possibility to have access to all information displayed on Facebook members’ profiles.
This security key was passed on to them by MISTAKE. Facebook argues that they maybe didn’t realize it.
For years, Facebook was actually much more opened and talkative to the announcers than we all believed they were.
Without knowing it, tens of thousand applications installed by members were communicating a security key to their intermediaries, in particular the advertising platforms. This key was passed to the intermediaries without any encoding protection.
The well-known editor, Symantec, revealed this on Tuesday. They said that this security key gave the possibility to consult profiles, pictures and immediate messages. It could also, depending on the confidentiality settings of the profile, write messages on users’ so called walls.
According to Symantec, about 100.000 applications could have exposed this security key until they warned Facebook of their system’s fault.
In an article posted on Symantec’s blog, an engineer explained that, " these third parties, fortunately, maybe didn’t realize that they had the possibility to reach these information ".
On its side, Facebook took measures to correct this mistake and said that” an investigation revealed no proof of use of information by parties that weren’t authorized to".
We have to remind that it is not the first time Facebook struggles with the security of its applications.
In October, the Wall Street Journal revealed that another data, the accounts’ identifier, was passed on by some of the most popular applications to the advertising platforms; providing them access to names and to the lists of friends.
At this time, Facebook had quickly reacted, asserting that this identifier was passed on "BY MISTAKE”……
A lot of convenient mistakes are you thinking? Your call...
Wednesday, May 11, 2011
Facebook was displaying members’ private data for years…by mistake
0 comments:
Post a Comment