Facebook applications security flaw fixed

ronjor · May 11, 2011

By: Trevor Mogg

A security flaw in Facebook that allowed third parties such as advertisers to access user accounts has been fixed.
Click to expand...

http://www.digitaltrends.com/computing/facebook-applications-security-flaw-fixed/

Daveski17 · May 11, 2011

And there's this from Reuters.

ronjor · May 11, 2011

Facebook and privacy, they seem contradictory at times, yet it's used by about 500 million users for stuff that they might want to keep a bit private in the end.
Click to expand...

Time to change your facebook password?

CloneRanger · May 11, 2011

Originally posted by ronjor

Time to change your facebook password?
Click to expand...

Or even better still, your FB addiction

siljaline · May 11, 2011

The original Symantec findings. Password credential change highly recommended.

CloneRanger · May 11, 2011

@ siljaline

Thanks for posting

The Facebook application is now in a position to inadvertently leak the access tokens to third parties potentially on purpose and unfortunately very commonly by accident. In particular, this URL, including the access token, is passed to third-party advertisers as part of the referrer field of the HTTP requests

http://www.symantec.com/connect/blo...ons-accidentally-leaking-access-third-parties
Click to expand...

My bolding = Could this be considered a BackDoor ? I would say yes, seeing as it's Always been there

We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.
Click to expand...

chrisretusn · May 12, 2011

Not addicted....

Password changed.....

Instructed my kids to changed their passwords too.

JRViejo · May 17, 2011

Within days of Facebook rolling out new security features designed to block spam, several new social-engineering attacks were spreading that somehow managed to get by the company's antispam defenses.

The spammers have modified their handiwork so it will get past Facebook's scam detection system, company spokesman Fred Wolens told CNET today.

"There are new methods they've picked up after we put out the protections on Thursday," he said. "It's an arms race. We put out new protections and they come up with new campaigns...When we announced the new security features, they were calibrated for all the self-XSS attacks we'd seen at the time."
Click to expand...

Facebook, spammers are in 'arms race' by Elinor Mills.

Log in or Sign up

Facebook applications security flaw fixed

ronjor Global Moderator

Daveski17 Registered Member

ronjor Global Moderator

CloneRanger Registered Member

siljaline Registered Member

CloneRanger Registered Member

chrisretusn Registered Member

JRViejo Super Moderator

Log in or Sign up

Facebook applications security flaw fixed

ronjor Global Moderator

Daveski17 Registered Member

ronjor Global Moderator

CloneRanger Registered Member

siljaline Registered Member

CloneRanger Registered Member

chrisretusn Registered Member

JRViejo Super Moderator

Useful Searches