Facebook Login Loophole Reveals User Names and Profile Pictures

The bug was first flagged by Atul Agarwal, security researcher and CEO of Secfence Technologies. Agarwal apparently noticed the glitch after trying to log on to his account with an incorrect password. In a subsequent e-mail posted to the Full Disclosure mailing list, the researcher described how the loophole could be manipulated to harvest user data, and even came up with a proof of concept script to demonstrate how it could be done. Not long after Agarwal posted his explanation, another mailing list user named Javier Bassi noted that, even if a user types in an invalid e-mail address, Facebook's system will automatically suggest a valid profile picture, user name and e-mail address that are similar to the incorrect address first entered.
Shortly after InformationWeek broke the story, Facebook responded with a statement reassuring users that the site's engineers are cooking up a solution. "We have technical systems in place to prevent people's names and photos from showing to unrelated users upon login, but a recently introduced bug temporarily prevented these from working as intended," the statement reads. "We are already working on a fix and expect to remedy the situation shortly." Granted, the bug may not reveal your most valuable, highly protected information, but, at a time when many users are growing wary of the site's privacy protection, it's good to know that Facebook is doing its best to patch the hole. [From: CNET and InformationWeek]

Comments
29
Adele Roberson Aug 12th 2010 7:22PM
Facebook Login Loophole Reveals User Names and Profile Pictures
************************* I am out of there! I got sucked in by some relatives... I really know better
There is no privacy on the web.... nowhere.
tiguesays Aug 12th 2010 9:48PM
Has anyone else found Facebook completely hacked this evening? I can't get to my account, to the login page, or to the pages of any of my friends--all that comes up on any of these pages is some page called Lundbladh in some Scandinavian language.
kozlowbarbara Aug 13th 2010 9:58AM
If you write something on facebook, it's out there. You can't take it back.
Er1caG Aug 14th 2010 3:19PM
This glitch is still working. But I'm guessing they can't see all that if they don't know your email address.
johnsmith Aug 17th 2010 7:19AM
stupid people
Stan Berg Aug 17th 2010 8:50AM
What is the big deal about your name and your profile picture....Your name is in all phone books and directories....big deal...if you don't like how you look, hide under a rock or change your profile picture...I continue to be amazed at what makes people upset!
tom Aug 17th 2010 9:02AM
face book does NOT want to fix many technical problems, including uploading of videos and pictures; their chat does not work very well either.
so, to all of you face book fans, strongly consider moving over to myspace, linked in or twitter.
Alice Aug 17th 2010 9:31AM
it's funny i just tried this and it sure doesn't show my picture or full name. everyone makes facebook out to be the privacy nazis but really why are you putting private stuff on a public forum? if it's gonna cause the world to end if some stranger knows who you're friends with maybe you're just too paranoid to be online
Don Hotchkiss Aug 17th 2010 3:38PM
This privacy problem is another irresponsible action by Facebook. To make things worse, if you call their Customer Service number you will be told that they have no Customer Service. I had to cancel my account because someone had posted a lot of things on my profile. Facebook ignored my emails and there was no Customer Service. However, they were quick to ask me why I had cancelled my account.