Facebook bug exposed contact info of 6M users

Another reason not to use facebook..

 

I know dozens of lay people - occasional users that have Facebook accounts that have not reported anything. This is not saying the threat is not real.

Like any online activity - one must be careful at all times.

 

Facebook sqashes bug that exposed e-mail addresses for 6 million users

http://arstechnica.com/security/201...exposed-e-mail-addresses-for-6-million-users/

 

Facebook launches it's own Bug Bounty program.
https://www.facebook.com/whitehat

 

Perhaps and I'm not disputing that, stapp. Was just adding my own content in my own way that I like doing. The Facebook bug bounty is open to more or less anyone. Facebook is even encouraging using bogus accounts to track bugs and flaws. It's detailed in whichever links you'd prefer reading.

Cheers !

 

Thanks ronjor for keeping us informed

 

They should have done this a long time ago. I was reading about Microsoft doing the same thing. Wish I was skilled enough to participate in these programs. Maybe in a few years.

 

The MS Bug Bounty is at this thread:
https://www.wilderssecurity.com/showthread.php?t=349060

 

Facebook in more hot water, now over 'shadow dossiers'

http://www.networkworld.com/news/2013/062413-facebook-in-more-hot-water-271213.html

 

How Google, Yahoo, Apple, Facebook, and Amazon track you (infographic)
http://venturebeat.com/2013/06/25/every-day-tracking/

 

Let's quote this part from the NetworkWorld article for those who don't click through (bolding is mine)...

It won't prevent others from uploading your information or reliably remove it after it has been uploaded or manually entered, but perhaps there is something to be said for shunning those providers and individuals who you feel won't handle your information responsibly. In the case of email for example, set the server up to reject email during SMTP delivery time (prior to acceptance so your server isn't generating a bounce message to possibly innocent victims of spammer forged email addresses... just immediately return an appropriate SMTP error code and message of your choosing) based on the domain of the remote client MTA and/or the domain in the Mail From.