Is Facebook secure? We questions the site’s security constantly, but no matter how many times evidence hints that the answer is a big fat “NO,” we keep coming back.
So there probably won’t be much fallout from the most recent Facebook security flaw discovery, even though Web application security specialist Nir Goldshlager figured how to hack into all of your Facebook pages. That’s right. Everyone. You. Me. Your grandma. Your high school friend who always posts uninformed political commentary.
Goldshlager investigated a weakness he found in Facebook’s OAuth system, and wrote about what the gaping security hole on his personal blog. In brief, he exploited an app authorization security flaw that easily gave him full access to
As Goldshlager described it, “there are built-in Applications in Facebook that users never need to accept.” So even if you studiously avoid giving third-party apps permission to access your account,
After reporting the problem to Facebook, the company awarded him its “White Hat” for security contributions. It also promptly fixed the bug.
Goldshlager exposes security flaws for a living, so if you’re worried about your nosy aunt hacking her way into your Facebook account, these flaws are too hidden for the average
While the security issue has been fixed, we can’t blame anyone who’s a bit shaken up by the privacy and security failures of social networks. So if all this freaks you out too much, check out our guide to deleting your Facebook permanently.
[photo credit: Nick Carter via Flickr]