CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
May 5th, 2010

Facebook Bug Allowed Chats To Be Eavesdropped

Facebook engineers on Wednesday disabled the site’s live chat function after people outside the company discovered a bug that allowed users to eavesdrop on their friends’ conversations. The site also had to take emergency action to correct a separate hole that allowed users to see their friends’ pending friend requests.

Ironically, the gaffes were the result of a new “preview my profile” service Facebook added late last month in an effort to give users more control over their privacy settings. Facebook said they had persisted for “a limited period of time,” but wasn’t any more specific.

In a statement issued a few hours after the bug was reported by TechCrunch, Facebook said it temporarily suspended the chat function while it patched the information leak. With that work completed, it said it expected to turn chat back on “shortly.”

Over the past month, Facebook has been under siege by a variety of critics who say the site is imperiling the privacy of its 400 million or so users. Even Chris Kelly, Facebook’s former privacy chief, has jumped on the bandwagon. Last month, while stumping to be California’s next attorney general, he took pains to distance himself from the most recent policy shift, which automatically shares user data with partners.

“I strongly encourage Facebook to structure all its programs to allow Facebook users to give permission before their information is shared with third parties,” he wrote.

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • Another Vulnerability Leaks Private Data On Facebook
  • Facebook Urges Public Exposure In ‘Privacy’ Revision
  • Facebook, MySpace Backdoor Exposed User Accounts
  • Facebook Bug Reveals Names And Photos For All 500 Million Users
  • Twitter Bug Allowed Users To Forcefully Add Followers

    • Posted in Breaches And Incidents, Privacy, Social Networks, Vulnerabilities | Print This Post Print This Post

    This entry was posted on Wednesday, May 5th, 2010 at 2:05 pm and is filed under Breaches And Incidents, Privacy, Social Networks, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Facebook Bug Allowed Chats To Be Eavesdropped

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »