Facebook Apps Leaking Your Information

A report was recently published claiming that nearly 100,000 Facebook apps have been leaking  access codes belonging to millions of users’ profiles. Symantec released the report and said that an app security flaw may have given apps and other third parties access to users’  profiles. Facebook maintains that they have no evidence of this occurring.

In their report, Symantec wrote:

We estimate that as of April 2011, close to 100,000 applications were enabling this leakage. We estimate that over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties.

These “access tokens” help apps interact with your profile.They are most often used to post updates from the application to your wall. When you add the applications to your profile you, as the Facebook user, is giving the apps access to your information by accepting their conditions.  According to the investigation, these tokens were included in URLs sent to the application host and were then sent to advertisers and analytics platforms. If the recipient recognized the codes (meaning they have to be qualified to read and write HTML code), they could gain access to the user’s wall’s and profile.

Leave a Comment

Posted in Online Privacy by Identity Theft Speaker John Sileo.
Tags: "Facebook Speaker", Facebook, Facebook apps, Facebook Safety, Facebook Security, John Sileo, Online/Social Media Privacy, Social Media Security, social networking, Social Networking Expert, Social Networking Speaker