Facebook applications security flaw fixed

facebook attempts to get ny mans claim of ownership thrown out logoA security flaw concerning Facebook applications that allowed advertisers to access user profiles has now, according to the social networking site, been dealt with.

Internet security firm Symantec said in a blog post that third parties “have accidentally had access to Facebook users’ accounts including profiles, photographs, chat, and also had the ability to post messages and mine personal information.”

Symantec’s Nishant Doshi, who discovered the issue along with co-worker Candid Wueest, pointed out that most of these third parties will not have known about the flaw. “Fortunately, these third-parties may not have realized their ability to access this information. We have reported this issue to Facebook, who has taken corrective action to help eliminate this issue,” Doshi said in the post.

Doshi explained that some Facebook applications inadvertently leaked what are called “access tokens” to third parties. Facebook applications are programs integrated into the Facebook website that enable users to shop and play games, among other things.

“We estimate that as of April 2011, close to 100,000 applications were enabling this leakage [and that] over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties,” Doshi said.

The access tokens are described as being like spare keys that can be used to carry out certain actions on behalf of a user or to access the profile of a user. Doshi explained that “each token or ‘spare key’ is associated with a select set of permissions, like reading your wall, accessing your friend’s profile, posting to your wall, etc.”

In an email to the Wall Street Journal, a spokeswoman for Facebook said, “We’ve conducted a thorough investigation which revealed no evidence of this issue resulting in a user’s private information being shared with unauthorized third parties.”

According to Doshi, Facebook has been taken steps to fix the flaw to prevent further token leaks. He added, however, that “we fear a lot of these tokens might still be available in log files of third-party servers or still being actively used by advertisers.”

If any Facebook users are still worried about security with regards to this issue, Doshi has some useful advice: “Concerned Facebook users can change their Facebook passwords to invalidate leaked access tokens. Changing the password invalidates these tokens and is equivalent to “changing the lock” on your Facebook profile.”

With a site as massive as Facebook, security issues are bound to hit the headlines from time to time. In January the social networking site beefed up security by incorporating HTTPS capability. This came in the wake of a study conducted by Digital Society that looked at the basic security functions of some popular websites – Facebook didn’t come out of that too well. In January, the fan page of Facebook CEO Mark Zuckerberg was hacked (though his personal page remained intact) and was taken down. Worshippers of the man will be happy to know that the page is back up.

Social Media

Facebook explains its worst outage as 3 million users head to Telegram

Facebook, if you didn't already know it, suffered a bit of an issue on Wednesday, March 13. An issue that took down not only its social networking site, but also Instagram, WhatsApp, and Messenger. On Thursday it offered an explanation.
Social Media

Federal investigation digs into Facebook’s data-sharing deals

Facebook confirmed it is cooperating with a federal criminal investigation. According to a report, the company is under investigation for sharing user data with smartphone and tablet companies.
Social Media

Yep, it’s not just you. Facebook, Instagram, and WhatsApp are down for many

Facebook's family of apps has been suffering issues for much of the day. Instagram, WhatsApp, Facebook Messenger, and Facebook itself have been out of action for users around the world, with the company scrambling to sort it out.
Computing

Protecting your PDF with a password isn't difficult. Just follow these steps

If you need to learn how to password protect a PDF, you have come to the right place. This guide will walk you through the process of protecting your documents step-by-step, whether you're running a MacOS or Windows machine.
Computing

Western Digital’s $55 solid-state drive gives new life to your aging PC

Western Digital is hoping that you'll pick up one of its affordable WD Blue SN500 solid-state drives to give your aging PC more storage and a speed boost. WD's NVMe-based drives are up to three times faster than older SATA SSDs.
Computing

Give your discs some extra life by watching DVDs and Blu-rays on Windows 10

Popped a disc into your Windows machine but feel lost without Media Center? You're not alone. But don't fret, with just a few tips you can learn how to watch DVDs and Blu-rays for free in Windows 10 in no time.
Emerging Tech

Awesome Tech You Can’t Buy Yet: Write music with your voice, make homemade cheese

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Deals

Walmart slices price on Canon ImageClass MF232W Wi-Fi laser printer

If you don’t need color printing, a monochrome laser printer like the Canon ImageClass MF232W can save you a lot of time and money. This beefy all-in-one Wi-Fi printer is on sale from Walmart for almost half off, letting you score it for…
Computing

Is 14 inches the perfect size for a laptop? These 4 laptops might convince you

If you're looking for the best 14-inch laptops, there are a number of factors to consider. You want good battery life, an attractive screen, solid performance, and a good build. Our favorites that do all that and more.
Gaming

Get Corsair’s best mechanical keyboard at a decent discount

From March 17 to 23, you can get one of the best mechanical keyboards around at a great price. The Corsair K95 RGB Platinum is normally $200, but this week you can pick one up from Amazon for $160.
Computing

Need more from your conference white board? The Surface Hub 2 should have it

The Surface Hub 2 could be the most expensive whiteboard ever made, but it should be a powerful and capable one. With the ability to connect several of the 50-inch displays together, the picture at least, should be gorgeous.
Computing

Teens using Google Docs as the modern version of passing notes in class

Google Docs is reportedly being used by teens as a secret communications app. Instead of passing notes, students are now using the software's live chat function or comment boxes to talk with their friends while in the middle of classes.
Emerging Tech

A.I.-generated text is supercharging fake news. This is how we fight back

A new A.I. tool is reportedly able to spot passages of text written by algorithm. Here's why similar systems might prove essential in a world of fake news created by smart machines.
Computing

Windows updates shouldn't cause problems, but if they do, here's how to fix them

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.