Again there is debate about privacy on Facebook: The network granted advertisers access to sensitive data.
As the security company Symantec notifies allow individual Facebook applications (Apps) access to user profiles, photos and posted items. Mainly Advertisers are so in theory have been able to send messages to user accounts. Apparently it was not but according to Symantec to abuse, because the gap was not noticed.
The reason for the vulnerability lies in the "Access token", a kind of second key to Facebook profiles, for which advertisers had accidentally Apps on individual access. Meanwhile, Facebook has responded and fixed the problem for the affected applications.
Symantec advises Facebook users still used to change the password for their site. Only with a new password to access old can no longer use tokens - many of which could still be in circulation. To April 2011 provided more than 100,000 apps access to the keys.
No comments:
Post a Comment