Re: RE: This bug represents a cultural problem at FB
This is security 101. You don't send user modifiable parameters. You don't send parameters in clear text. Absolutely stupid.
There should be no reason to "test" this scenario: the scenario should not exist. FacePlant "technology" sucks; you entrust your stuff to FacePlant, prepare to have your information harvested.