Facebook engineers are finishing a patch for a critical vulnerability that exposed user birthdays and other sensitive data even when they were designated as private, a security researcher said Wednesday. The bug could be exploited by prompting a user to click on a link while logged into the social networking site, said M.J. …
Awwwww, come on!
"...Keith discovered a simple way to bypass the security token: by omitting it altogether, Facebook servers no longer attempted to validate browsers."
Don't they have any kind of internal teams who think up ways of defeating security? They ought to.
This can be prevented using Firefox's Adblock Plus add-on
This describes how to use Firefox's "Adblock Plus" add-on to prevent other Web sites from accessing Facebook:
Could you tell me why an attacker would want to do that ?
Delete a profile?
I did not know that was possible. If so, then whoever breaks into a person's profile could be doing that person a favour.
there is actually a link to delete (not just disable) a facebook account.
The account is deactivated, and you have 14 days to re-activate it, otherwise it's permanently deleted (so they say)
More info here: http://www.facebook.com/group.php?gid=16929680703
'Facebook scrambles to close hole exposing private data'
Is it just me or is Facebook 'scrambling to protect private data' somewhat like an abattoir donating £10 to the RSPCA?
They can't just give this data out to anyone.
What would their 'trusted partners' think?
In separate news...
Facebook received a large almost-anonymous donation from Sneaky Data Harvesters inc. In a response to Sneaky, Mark Zuckerberg thanked them for their donation and said that although the hole won't be fixed until 90 seconds after all the data could be harvested by a third party interested in laying their hands on it he didn't think Sneaky was 'that kind of operation'.
Mr. Zuckerberg owns 49% shares in Sneaky.
- Analysis iPhone 6: The final straw for Android makers eaten alive by the data parasite?
- First Crack Man buys iPHONE 6 and DROPS IT to SMASH on PURPOSE
- First Fondle Reg journo battles Sydney iPHONE queue, FONDLES BIG 'UN
- TOR users become FBI's No.1 hacking target after legal power grab
- Vid Reg bloke zips through an iPHONE 6 queue from ZERO to 60 SECONDS