>The BULLDOG Rant : Facebook Why No response on the security issue


>http://www.petitiononline.com/signatures.php?petition=TheBDEst Subscribe to The BULLDOG Estate by Email

A simple statement from your Facebook Security would have been great Something Like:
Hey guys – shit happens, change your passwords and you’ll be fine.. Well explain later..”

Where is their Guitar Playing Security Hero Now??? No Where. Stick with The BULLDOG Estate , We do a better Job anyway.



Symantec researchers issued a statement yesterday informing Facebook users to change their Facebook login password immediately. Apparently they have uncovered a Facebook bug which was able to provide 3rd party access to Facebook users’ accounts.
They estimate that as of April 2011, close to 100,000 Facebook applications were leaking what they call “Access token’s” to 3rd party advertisers.
Quote Via Symantec
Access tokens are like ‘spare keys’ granted by you to the Facebook application. Applications can use these tokens or keys to perform certain actions on behalf of you the user or to access the user’s profile. Each token or ‘spare key’ is associated with a select set of permissions, like reading your wall, accessing your friend’s profile, posting to your wall, etc.
Facebook took corrective action to help eliminate this issue once Symantec notified them of it, however there is no possible way to estimate how many access tokens have already been leaked since the release of Facebook applications back in 2007. Because of this, Symantec fears that a lot of these tokens might still be available in log files of third-party servers or still being actively used by advertisers.
Symantec states that concerned Facebook users should change their Facebook passwords immediately to invalidate the leaked access tokens. Changing your Facebook password makes the leaked access tokens invalid and is equivalent to “changing the lock” on your Facebook profile.

How To Change Your Facebook Password:

  1. From your Facebook home page click “Account”, Then “Account Settings“.
  2. On the “My Account” page, In the “Settings” tab, scroll down to the heading “Password” and click the “Change” Link to the right of that heading.
  3. Once you’ve typed in your old password and then your new password twice, simply click the “Change Password” button and you are done. (Please remember not to make your password easy to guess or to  make the same as you have on other web accounts.)
To read more about the issue, please visit the links below.

Facebook Applications Accidentally Leaking Access to Third Parties
http://www.symantec.com/connect/blogs/facebook-applications-accidentally-leaking-access-third-parties

Symantec: Facebook Security Flaw Could Have Compromised User Information
http://www.huffingtonpost.com/2011/05/10/facebook-app s-flaw-leak-profile-access_n_860278.html

Share Leave a Comment and Share to Facebook

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: