Facebook Fixes Web Programming Bug

Kara Reeder

M.J. Keith, a senior security analyst with security firm Alert Logic, has discovered a Facebook Web programming flaw that could allow hackers to alter profile pages or make restricted information public, according to an IDG News Service article in The New York Times.

 

The bug involves the way Facebook verifies that browsers connecting with the site were the ones they claimed to be. Keith discovered that by deleting the "post_form_id" token he could change many settings on any Facebook account, such as making users' private information public, changing or reading profile information, even adding new contact e-mail addresses.

 

Facebook claims it has fixed the bug and says it is not aware of any malicious activity involving it.

 

The company recently rolled out two new security features designed to protect users from phishers and other online scammers.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 

Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data