Symantec Catches Facebook Leaking Info
A programming bug found yesterday on Facebook’s website may have mistakingly given advertisers a dose of personal information according to researchers at anti-virus organization, Symantec. The issues were posted on Tuesday saying that it was probably a bug that has affected 100,000 Facebook applications for years. Symantec claims that Facebook apps have been inadvertently giving advertisers access tokens (special codes that are used by a browser to access Facebook accounts over the Internet).
Since each token has specific permissions set, it is possible that advertisers were able to read Facebook walls, access friends’ profiles, and posting to the wall. The tokens were leaked when URLs were referred about Facebook apps being passed onto advertisers and others. Symantec is not sure whether others knew the problem existed, but is staying cautious in assuming that at least a group of people knew about the bug.
Facebook has now fixed the problem but unfortunately, this does not prevent the passing of current tokens that are in circulation and stored in server log files on the web. Symantec also said that if users are concerned, they can change their password which is like “changing the lock” on the Facebook account. Finally it seems that we had a legitimate concern of too much information getting out to unwanted persons. I wonder if this news will increase paranoia against Facebook.