Is Facebook secure? We questions the site’s security constantly, but no matter how many times evidence hints that the answer is a big fat “NO,” we keep coming back.
So there probably won’t be much fallout from the most recent Facebook security flaw discovery, even though Web application security specialist Nir Goldshlager figured how to hack into all of your Facebook pages. That’s right. Everyone. You. Me. Your grandma. Your high school friend who always posts uninformed political commentary.
Goldshlager investigated a weakness he found in Facebook’s OAuth system, and wrote about what the gaping security hole on his personal blog. In brief, he exploited an app authorization security flaw that easily gave him full access to
As Goldshlager described it, “there are built-in Applications in Facebook that users never need to accept.” So even if you studiously avoid giving third-party apps permission to access your account,
After reporting the problem to Facebook, the company awarded him its “White Hat” for security contributions. It also promptly fixed the bug.
Goldshlager exposes security flaws for a living, so if you’re worried about your nosy aunt hacking her way into your Facebook account, these flaws are too hidden for the average
While the security issue has been fixed, we can’t blame anyone who’s a bit shaken up by the privacy and security failures of social networks. So if all this freaks you out too much, check out our guide to deleting your Facebook permanently.
[photo credit: Nick Carter via Flickr]
Editors' Recommendations
- This game lets hackers attack your PC, and you don’t even need to play it
- Facebook is now called Meta, except not really. Let us explain
- A zero-day Google Chrome security flaw requires you to update now
- What the biggest tech companies are doing to make the 2020 election more secure
- Facebook says Apple didn’t let it tell users about App Store tax