Facebook applications may have allowed third parties to access user information according to Symantec’s official blog. Facebook denies the claims, but Symantec went into quite a bit of detail explaining how it happened.
As many as 100,000 applications enabled leakage through Facebook’s IFRAME code, giving third parties access tokens. These tokens are supposed to allow applications to perform various actions on behalf of the users or access certain information on a user’s profile. When you are first presented with an option to allow an application, it declares what information the application will be able to access.
A feature called “offline access” also grants applications the ability to perform actions on behalf of the user even when the user is not online. Facebook eventually changed to a new authentication system (OAUTH2.0), but many applications still use older authentication schemes. Using certain parameters, it is possible for third parties to acquire the access tokens.
Facebook did not deny the existence of the problem but did say that it took steps to correct them some time ago, and that Symantec’s report fails to take that into account. Facebook also says that it investigated the problem and found that no private user information had been shared with “unauthorized third parties.” Unfortunately, Symantec says, there is no way to know what might have been leaked, but concerned users can change their passwords to easily protect their accounts.
Facebook has had its fair share of privacy issues and problems with terms of service regarding advertisers and user rights. With a network as large as it is, security is bound to be a concern. The social network recently added a feature to allow users to always use encrypted URLs (HTTPS) to increase security.
Top Public Relations News:
News from Golin, Peppercomm, The Publicity Agency, Ketchum, and MDC Partners
Citadel Public Relations: UK PR Firm in United Kingdom
BP’s Aggressive PR Plan Revealed, Piss Everyone Off
What’s Happening at Finn Partners, DiGennaro Communications, Ketchum & Berk Communications
Little League is All Grown Up With Their Own PR Firm(s)
E.coli Outbreak in Germany, a PR Nightmare for Spain
Pamela Zapata of Society Eighteen Feature Q & A
4 Tips for Hosting Better Meetings
From North Jersey Community Bank to ConnectOne Bank: PR’s Role in a Successful Rebrand and IPO
PR News From PMK, APCO Worldwide And More