The BBC's technology programme Click has exposed a security flaw in the social networking site Facebook which could compromise privacy.
Using a simple malicious application could open up yourself and your friends (who do not need to install the application) to ID fraud. The BBC has compiled a video to demonstrate the flaw and if you are an avid Facebook user I suggest you watch it and take note. It's not clear whether the techniques described by the BBC are currently in use on Facebook but if one of your friends only has to add the application and this opens your Facebook profile up this is a serious flaw.
Video: >> Click here <<
View: BBC News Article
Using a simple malicious application could open up yourself and your friends (who do not need to install the application) to ID fraud. The BBC has compiled a video to demonstrate the flaw and if you are an avid Facebook user I suggest you watch it and take note. It's not clear whether the techniques described by the BBC are currently in use on Facebook but if one of your friends only has to add the application and this opens your Facebook profile up this is a serious flaw.
Video: >> Click here << View: BBC News Article
If you're going to report something and get people all worked up about it, then ALSO report that there are, obvious ways, to turn it off. Here's how to do it ... go to Privacy, then Applications ...
Just disable that information, then those applications won't be able to access "your personal information, which can lead to ID theft". Just another reason to never take the media at face value without doing your own "investigation" of the facts ...
Yes, that's what the picture I posted shows.
I'm sure it will be quite easy to create an application that can do this...
Moral of the story - Don't put personal information on facebook
it must be.
You agree to grant the application access to this information when you add it.
Just the BBC being paranoid about data theft again.
Even if your security settings are tight (mine are), my profile is still set to allow my friends to see my info. Therefore, if an idiot friend of mine grants an application what are essentially admin rights on his / her profile, then that app can see all the information that that person's profile has access to - i.e. presumably my profile.
Unless I'm misunderstanding - I only skimmed the article.
Even if your security settings are tight (mine are), my profile is still set to allow my friends to see my info. Therefore, if an idiot friend of mine grants an application what are essentially admin rights on his / her profile, then that app can see all the information that that person's profile has access to - i.e. presumably my profile.
Unless I'm misunderstanding - I only skimmed the article.
your understanding is correct, it's Lt-DavidW who isn't understanding.
Even if your security settings are tight (mine are), my profile is still set to allow my friends to see my info. Therefore, if an idiot friend of mine grants an application what are essentially admin rights on his / her profile, then that app can see all the information that that person's profile has access to - i.e. presumably my profile.
Unless I'm misunderstanding - I only skimmed the article.
your understanding is correct, it's Lt-DavidW who isn't understanding.
good.
I thought most of us knew this already! LMAO @BBC
Last edited by leesmithg on 02 May 2008 - 17:12
When people allow applications to use that personal info, they don't assume it's being harvested for anything other than the game. So the privacy flaw is a deception. jmo
i encourage you guys to do what you think is want. i think that facebook is a big social thing nowadays, and a lot of people in certain demographics seem to use it.
i think at the end of the day, people on these networks really care about themselves and on occasion a few people they kind "follow" around.
call me a rebel rouser, but I'd like to see the day where people login one day to see the latest 10 profile views on their page. people would be in effect, caught "peeping" and feel utterly humiliated by the feeble and pathetic basis of the site. this is why myspace was so quick to stunt this. everyone wants to know who views their profile, but not the other way around.
these are people who know each other in real life, but much of the peeping happens between the weaker IRL ties. who is peepin your profile?
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.