Facebook applications may have allowed third parties to access user information according to Symantec’s official blog. Facebook denies the claims, but Symantec went into quite a bit of detail explaining how it happened.
As many as 100,000 applications enabled leakage through Facebook’s IFRAME code, giving third parties access tokens. These tokens are supposed to allow applications to perform various actions on behalf of the users or access certain information on a user’s profile. When you are first presented with an option to allow an application, it declares what information the application will be able to access.
A feature called “offline access” also grants applications the ability to perform actions on behalf of the user even when the user is not online. Facebook eventually changed to a new authentication system (OAUTH2.0), but many applications still use older authentication schemes. Using certain parameters, it is possible for third parties to acquire the access tokens.
Facebook did not deny the existence of the problem but did say that it took steps to correct them some time ago, and that Symantec’s report fails to take that into account. Facebook also says that it investigated the problem and found that no private user information had been shared with “unauthorized third parties.” Unfortunately, Symantec says, there is no way to know what might have been leaked, but concerned users can change their passwords to easily protect their accounts.
Facebook has had its fair share of privacy issues and problems with terms of service regarding advertisers and user rights. With a network as large as it is, security is bound to be a concern. The social network recently added a feature to allow users to always use encrypted URLs (HTTPS) to increase security.
Top Public Relations News:
Montgomery County Issues Marketing RFP
Social Media Trends: Women Vs. Men on Social Media
The Power of PR for Budding Professionals
Ronn Torossian on PR Today: Everything PR Exclusive
Scotty Moore Joins Zeeto Media as CRO
Ad Exchange Coming to a Tweet Near You
County of Santa Clara Issues Communications RFP
Henderson State University Issues Public Relations RFP
Videos Matter More Than Ever For Capturing Attention
PUBLICITY RFP ISSUED BY MICHIGAN