Facebook Security Hole Exposes Live Chat, Private Data

Author: Ryan Naraine
minute read

The problems with security and privacy on Facebook hit a new gear today with news that a web site vulnerability exposed live chat sessions and other private user data.According to a TechCrunch Europe report, the gaping security security on the Facebook site allowed any user to view the live chats of their ‘friends’ with just a few mouse clicks.

The problems with security and privacy on Facebook hit a new gear today with news that a web site vulnerability exposed live chat sessions and other private user data.

According to a TechCrunch Europe report, the gaping security security on the Facebook site allowed any user to view the live chats of their ‘friends’ with just a few mouse clicks.

From the article:

Using what sounds like a simple trick, a user can also access their friends’ latest pending friend-requests and which friends they share in common. That’s a lot of potentially sensitive information…

…The irony is that the exploit is enabled by they way that Facebook lets you preview your own privacy settings. In other words, a privacy feature contains a flaw that lets others view private information if they are aware of the exploit.

TechCrunch reported the issue to Facebook and the company pulled the live chat feature off line for what was described as  “maintenance.”

This YouTube video provides a glimpse of the severity of the problem:

Suggested articles

Discussion

  • Linda on

    I knew there was some thing wrong with that page. If they can see who you have pending can they accept or ignore someone. When I went on the other day someone had sent a request to be my friend I ignored him then he showed up as being my friend.Facebook is getting reall bad lately.

  • Scotty on

    Apparently the video has been removed due to a terms of use violation?

  • meriah on

    Valuable information and excellent design you got here! I would like to thank you for sharing your thoughts and time into the stuff you post!! Thumbs up! Big thanks for the useful info

    <a href="http://mysocial.tv/">twitter</a>

  • Anonymous on

    I had total strangers write to me saying that all I said sounded very interesting and they wanted to be my friends.  I prefer communicating only with my family and friends -- people I really know.

  • D_S_S on

    Most of us really need to use credit cards but unfortunately, ill-minded people have ways on how to access our account numbers and use it to their advantage. Shredding our credit billings, mail and other personal information with the help of a shredding Dallas company - as an example, is one way to combat this. We can also rely on this wallet protector against those who want to steal our credit card number.

     

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.

Subscribe now

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.