BBC Reports Facebook Vulnerability

The BBC is reporting that they have discovered a flaw in the Facebook social networking site that could compromise user privacy.

The problem, reported on the BBC technology program Click, appears to be in the site's application model. Facebook allows users to write applications, but Click found that these applications could gather personal profile information on users or their friends.

This data includes some of the information you provide to Facebook as part of your personal profile. The BBC was unclear on what profile elements could and could not be obtained, but they indicate that it's more than is proper.

At first glance it's not clear how much of a scandal there is here. When you add an application in Facebook you are asked to approve certain capabilities for the application, among them that it "Know who I am and access my information". Further explanation for this option states:

Granting access to information is required to add applications. If you are not willing to grant access to your information, do not add this application.

Not much room to maneuver here. You want the application, you give the information.

So the point of the BBC report is that this is built into the Facebook model and that users may not appreciate that they are giving up as many details as they think.

Facebook deals with this on the one hand by warning users to be careful about adding applications, which is useless boilerplate because there are no real guidelines for how they might exercise such caution. On the other hand, their terms of service prohibit abuse of others' personal information. To make matters worse, applications may be running in part on 3rd party servers, making the enforcement of Facebook's terms even sketchier.

The BBC says that Facebook "... also advises users to use the same precautions while downloading software from Facebook applications that they use when downloading software on their desktop." This exposes the emptiness of the whole endeavor. If Facebook applications are to be considered as potentially dangerous as desktop applications then they need more security facilities.

Source(s): http://blogs.pcmag.com/securitywatch/2008/...k_vulnerabi.php

http://news.bbc.co.uk/2/hi/programmes/clic...ine/7375772.stm
