+ + + 3 BRANDNEW NewsTickers for your Website! + + + easy configurable in less than 1 Minute + + + GET'EM NOW! + + +

   Home | Join | Submit News | MyShortNews | HighScores | FAQ'S | Forums 0 Users Online   
                 01/16/2018 11:59 PM  
  ShortNews Search
search all Channels
RSS feeds
  ShortNews User Poll
Are you excited about the holiday season?
  Latest Events
  3.328 Visits   2 Assessments  Show users who Rated this:
Quality:Very Good
Back to Overview  
05/01/2008 10:57 AM ID: 70384 Permalink   

BBC Finds Facebook Flaw


A team of programmers working for the BBC's 'Click' programme have found a flaw in Facebook security which could potentially mean users personal details are at risk. In under 3 hours the team had written an application to harvest details from users.

The application was also able to get details of the target user's friends. Details included date of birth, address and contact number. No-one is able to say if criminals are exploiting this type of application for identity theft.

To access someone's data an application must first be added, it is then able to grab data from friends of the person who added it as well. To protect themselves a user must block the application. Such applications break Facebook terms and conditions.

    WebReporter: Maxx20 Show Calling Card      
ASSESS this news: BLOCK this news. Reason:
  A bit  
off my normal topic :-)

The link to the BBC report is:

It doesn't contain as much text as the source I listed so hence I didn't use it. The video is worth a watch though.

Also, I noticed when doing the search for this news that SN has facebook group, I'm gonna go join :-)
  by: Maxx20     05/01/2008 10:59 AM     
Is this really a facebook flaw?

It specifically asks you, when you attempt to add an application, if you want to allow it to have "know who you are and access your information". If you don't want the applications to know who you are, don't add them.
  by: Svengali   05/01/2008 02:14 PM     
  It is high time...  
everything on the net where details are concerned, should be made more secure.
  by: captainJane     05/01/2008 03:25 PM     
...what exactly are they going to harvest from it? Your favorite films and a few photos of you drunk at the office party?
  by: barryriley   05/01/2008 05:07 PM     
  I think  
it's the name, address and telephone details they'll be interested in, although drunk party snaps are fun too :-)

Has to be said, it's the users fault. As Svengali pointed out, the user has to add the application. They also upload their details of their own free will.

The only point where this could be an issue is if the criminals were smart enough to code-up a useful / attractive app (game for instance) where the user could use it but never know it's primary function.
  by: Maxx20     05/01/2008 05:20 PM     
  the user doesn't have to add it  
in the bbc article they explain that all it needs is ONE OF YOUR FRIENDS to add it, then it harvests data of all of their friends (including you).

anyway , everyone should know not to put personal info on the internet.
  by: fort   05/01/2008 05:28 PM     
  The thing about  
Personal info... Is that it's already so readily available.

I tend to let people know my (first) name. That might be enough to put into Canada411 to find my listed number.

As long as nobody tries to break into my house and rape me, I'm okay with them knowing.
  by: edya   05/01/2008 07:44 PM     
  Data Mining  
It scares me to think of the databases govs like the US, China, Russia are building. I never put ALL of my info into one site, but if some one made all of the connections between my many banking, email, paypal, ebay, shortnews, facebook etc. then they will have everything about me...

I used to think the internet would be the savior of humanity and freedom of expression, but I'm starting to think that the implications of your govt having all your personal info outweighs the benefits. Its going to be a lot easier for totalitarian govs to not only spot, but ASSUME dissidents. THOUGHT POLICE!
  by: lachs     05/02/2008 06:50 AM     
While I believe that their is something to be said about not wanting the government to not know what your doing, I doubt the internet really allows them to "harvest" information.

I know a friend of mine who deleted his Facebook profile because he was scared about all of his information sitting on the internet, no matter how "locked down" it was.

If the government really wanted to know more about you and "harvest information" on you ... they don't need a Facebook profile. They will just hire a P.I. to follow you around. Big Brother is unavoidable in a society where you submit all your information to the government on your Tax Forms.
  by: Daev     05/02/2008 04:43 PM     
Copyright ©2018 ShortNews GmbH & Co. KG, Contact: