Facebook Caught Exposing Millions of Credentials
fysdt writes "Facebook has leaked photographs, profiles and other personal information for millions of its users because of a years-old bug that overrides individual privacy settings, researchers from Symantec said. The flaw, which the researchers estimate has affected hundreds of thousands of applications, exposed user access tokens to advertisers and others. The tokens serve as a spare set of keys that Facebook apps use to perform certain actions on behalf of the user, such as posting messages to a Facebook wall or sending RSVP replies to invitations. For years, many apps that rely on an older form of user authentication turned over these keys to third parties, giving them the ability to access information users specifically designated as off limits."
This study was delayed (Score:5, Funny)
Researchers note that they would have released this study much sooner, but their PCs were hamstrung by Norton Internet Security.
It's not a bug, it's a feature (Score:2, Funny)
Working as intended
Re:They're still operating ... (Score:5, Funny)
I don't have any Facebook apps installed. Not a one.
I don't answer any surveys or take any polls.
I painstakingly go through every privacy setting and set to "friends only".
I post as little truly personal information as possible. No phone number, no address, no high school, college, or place of current employment, none of it.
And I'm still pretty sure that Facebook has still somehow probably derived all of my info down to my underwear color, porn preferences, and whether I ate Lucky Charms for dinner last night, and sold that to advertisers.
Use this thread (Score:5, Funny)
to make a self-righteous post about how you don't use Facebook, and anyone who does is stupid.
Re:Meh.. (Score:5, Funny)
The Zen way. You stand by instead of using it, and watch with compassion how the rest of humanity does something really stupid.
Re:Join the crowd (Score:5, Funny)
I thought we wanted to fix the problem.
Re:Meh.. (Score:5, Funny)
I use Facebook to keep in touch with patients and other health care professionals (chiropractors, homeopaths, acupuncturists, etc.)
Let me fix that for you ....
I use Facebook to keep in touch with patients and other quacks and dispensers of expensive placebos that have absolutely no scientific evidence to back their efficacy (chiropractors, homeopaths, acupuncturists, etc.)
There you go ....
Re:They're still operating ... (Score:4, Funny)
The other side of the basement is neither, and, let's face it, you aren't going to climb the stairs over this.
Re:Meh.. (Score:5, Funny)
FB is overrated anyway. And waay too many people use it as if it were their Twitter account.
The big downside to Facebook around here is that it requires friends.
Re:This study was delayed (Score:2, Funny)
Re:Meh.. (Score:4, Funny)
I'd like to make a new service called Twatter. That way, when you send out a message, you're Twatting, and an individual message is a Twat.
Re:Bound to happen (Score:4, Funny)
"Software is too large to find and fix everything."
That's what Sony said.
Facebook shocked, *shocked* at privacy breaches (Score:5, Funny)
Facebook staff have been amazed to discover [newstechnica.com] that when Facebook passes users' complete details to application developers and advertisers like candy, some of the partner companies might accidentally let slip the information in some manner.
"We are appalled at this information leak," said Facebook founder Mark Zuckerberg as he took a break from his personal RSS feed of drunk women's tits posted to his service. "But I can assure you that we have sternly suggested to everyone involved that they take somewhat greater care not to get caught, and maintain a serious demeanor when rolling around in the great big pit filled with money in their basement."
"I'm horrified and outraged," said office worker Brenda Busybody, 43 (IQ), "that stuff I put on the Internet is on the Internet. It violates everything I expect. I want privacy when I'm calling my boss a useless fuckstick to the entire world, all my coworkers and my boss himself. And when I'm playing a bit of FarmVille before we nick off down the pub."
Privacy advocates are working on Diaspora, a security-enhanced social network so far populated by Linux users who cryptographically sign every update about which episode of Babylon 5 they just finished watching alone in their parents' basement. "START PGP KEY BLOCK!" said open source software advocate Hiram Nerdboy, 17. "WE WILL PROTECT YOUR FREEDOMS!" The next version of Diaspora will allow users to list more than three friends, should there be any demand whatsoever for such a feature.
Facebook works on the now-standard "Web 2.0" business model: 1. Brutally sodomise the personal privacy of anyone who comes within a mile of your service and say "hey baby, I'm sorry" every time you're busted. 2. Sell ads.