Request For Permission Granted? - Facebook Flaws Exposed
“An XYZ app wants to access your personal information : Name, Friend List, Date of Birthâ€
Allow | Don’t Allow
#-Link-Snipped-#
This security vulnerability gave easy access to users’ account and personal information shared on Facebook, to third party users and advertisers, according to security firm Symantec Corp. Until april, they have estimated that nearly 10000 apps are affected , and since Facebook had introduced apps way back in 2007, it may have leaked millions of access tokens to third party users.
But Symantec has maintained that these breaches were accidental. It is possible that the third parties didn't realize they had the ability to access this information. Still, "The repercussions of this access token leakage are seen far and wide," wrote Symantec researcher Nishant Doshi in a blog post.
Symantec has made Facebook aware of this vulnerability, and Facebook has taken several steps to address it. "We've conducted a thorough investigation which revealed no evidence of this issue resulting in a user's private information being shared with unauthorized third parties," said a Facebook spokeswoman in an email, without giving any further details about their method of study. She further added that the company has "strong policy enforcement and technical measures that allow us to quickly catch and take action against suspicious behavior on the platform."
Facebook took some very strict measures when it punished many app-developers last fall, when a Wall-street Journal exposed that many apps were sharing users’ data.
Source: #-Link-Snipped-#
Allow | Don’t Allow
#-Link-Snipped-#
This security vulnerability gave easy access to users’ account and personal information shared on Facebook, to third party users and advertisers, according to security firm Symantec Corp. Until april, they have estimated that nearly 10000 apps are affected , and since Facebook had introduced apps way back in 2007, it may have leaked millions of access tokens to third party users.
But Symantec has maintained that these breaches were accidental. It is possible that the third parties didn't realize they had the ability to access this information. Still, "The repercussions of this access token leakage are seen far and wide," wrote Symantec researcher Nishant Doshi in a blog post.
Symantec has made Facebook aware of this vulnerability, and Facebook has taken several steps to address it. "We've conducted a thorough investigation which revealed no evidence of this issue resulting in a user's private information being shared with unauthorized third parties," said a Facebook spokeswoman in an email, without giving any further details about their method of study. She further added that the company has "strong policy enforcement and technical measures that allow us to quickly catch and take action against suspicious behavior on the platform."
Facebook took some very strict measures when it punished many app-developers last fall, when a Wall-street Journal exposed that many apps were sharing users’ data.
Source: #-Link-Snipped-#
Replies
You are reading an archived discussion.
Related Posts
It so happens that we need uninterrupted power supply for some time and it is cut off! So what we do in that case? We simply wait, nothing more. But...
The keyboards we use are already great, but what will happen if you get a keyboard that can sense your fingers? It’ll know what you want to type and will...
In a major strategic decision on Friday, Chevrolet announced the increase in production of its Chevrolet volt. A total of $100 Million investment is expected from General Motors Co. in...
Google has a history of keeping users engaged with their puzzles at Google IO conference. Google I/O 2011 wasn't any different. This year, Google encoded a mysterious code on the...
Sony has just announced the availability of Playstation 3 System Update with firmware version 3.61. Sony is issuing this mandatory update to all PS3 systems which will require users to...