Most of us naively operate under the assumption that certain things we do (e.g. Facebook messages) are totally private and nobody can access this information. Safe assumption, right? Well, unfortunately, Symantec just announced that third-party Facebook applications had access to users’ accounts and profiles “for years,” meaning they could see your profile, photographs and chat messages and collect your personal information. I’m sure many of you are saying, “Oh, I am not worried; I have everything on Facebook set to private.” Sorry, even the most savvy Facebook users were exposed as well.
The good news is that these applications may not have known that they could access this data. And Facebook has confirmed that it plugged the leak. However, as ZDNet pointed out, there are 20 million applications installed by users per day, meaning that the risk of your personal information being leaked was very high.
If you want to know how this happened from a technical standpoint, here’s more from the ZDNet story:
Symantec explain how access tokens, or ‘spare keys’ that are granted to you by Facebook, can be used to authorise certain actions on behalf of the user. These are set up by the application installed, through the permission request box. Though these keys will expire after a short time, some of these tokens allow applications to access your data while you are not using the site.
What can we say about Facebook and privacy that hasn’t already been said? We entrust our personal lives to a company made up of human beings who ultimately want to make money. Yes, human error does occur in the technology world, but the stakes are too high with Facebook and there should be no margin for error.