Jump to content


Photo

Facebook leaks access to user info...


  • Please log in to reply
No replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 10 May 2011 - 08:14 PM

FYI...

Facebook leaks access to user info ...
- http://www.symantec....s-third-parties
May 10, 2011 - "Third parties, in particular advertisers, have accidentally had access to Facebook users’ accounts including profiles, photographs, chat, and also had the ability to post messages and mine personal information. Fortunately, these third-parties may not have realized their ability to access this information. We have reported this issue to Facebook, who has taken corrective action to help eliminate this issue. Facebook applications are Web applications that are integrated onto the Facebook platform. According to Facebook, 20 million Facebook applications are installed every day. Symantec has discovered that in certain cases, Facebook IFRAME applications inadvertently leaked access tokens to third parties like advertisers or analytic platforms. We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties... Concerned Facebook users can change their Facebook passwords to invalidate leaked access tokens. Changing the password invalidates these tokens and is equivalent to “changing the lock” on your Facebook profile..."
(More detail and screenshots available at the URL above.)

- http://isc.sans.edu/...l?storyid=10864
Last Updated: 2011-05-10 22:50:45 UTC

- https://developers.f...m/blog/post/497
May 10, 2011

:( :hmmm:

Edited by AplusWebMaster, 11 May 2011 - 04:51 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.




Member of UNITE
Support SpywareInfo Forum - click the button