back to article Facebook plugs gnarly authentication flaw

Security researchers have discovered a flaw that creates a means for a malicious website to grab hold of a Facebook user's private data without their consent as well as to post messages impersonating the user on the social networking website. The authentication-related bug was discovered by researchers Rui Wang and Zhou Li, who …

COMMENTS

This topic is closed for new posts.

They're asking for it

With all that code kncoking around inviting people to "Like" pages on 3rd party sites. Personally I'd rather they allowed me to switch that shite off because I'm never going to use it.

0
1

been there

Personally, I do no use nor intend to use FB, twitter or other social networks.

To answer code monkey, I use firefox with "noscript" add on. In noscript just marked FB as "not trusted" and that's it.

Of course, if you use FB, you have to look for another solution.

R

1
0
Anonymous Coward

Use both NoScript and RequestPolicy

The Firefox addon RequestPolicy controls cross-site requests. It stops, for example, random websites running Facebook code.

More details here: https://www.requestpolicy.com/faq

0
0
Flame

Still true to form

Not a day goes by that there isn't at least one faceplant scandal or f-up.

Will this be a reliable as Moore's law?

Hopefully facebook will fail completely before then.

0
1
Anonymous Coward

Pervasive

I like Facebook and use it. I log on every few weeks or so to see how old friends and acquaintances are doing. Sometimes I put some pictures on there to share with any friends who might want to look at them.

That's about it though. So I'm getting a little sick of Facebook appearing all over the web. I'm tired of sites I look at trying to get me to connect my accounts there with my Facebook account. Some are pretty underhanded about it. I don't want to link anything with Facebook, thanks. That, along with Facebook's ever changing privacy options (which somehow always manage to turn to settings I don't want them to) I've been avoiding logging in and using the site.

Facebook, all someone has to do is offer something better, and all your hyped up value will quickly become worthless.

0
0
This topic is closed for new posts.

Forums