Source -
By - Eric Larson
By - Eric Larson
Category - Diamond Buyer
Posted by - Cash gold Buyer |
| Diamond Buyer |
A web developer claims to have discovered a Facebook security flaw that could have allowed him access into any part of a stranger's profile.
Don't panic: Facebook has already fixed the problem. The developer,
Nir Goldshlager, notified the social network about the issue and waited
until it was resolved to go public with his discovery. He explained how
it worked in a blog post published Saturday morning.In the post, he says he was able to tweak the service OAuth,
used by developers to obtain various permissions their apps need to run
— for example, location data from your profile page. Goldshlager was
able to manipulate OAuth so a visitor to a Facebook page could get full
access — to inboxes, private photos and videos — with no expiration.
SEE ALSO: Can Storify Publish Your Private Facebook Status Updates?
He notified Facebook's security team and the security flaw has been
fixed. He adds, though, that many parts of the exploit stopped working
if the affected user changed the account's password.
Watch the video above to learn more.
No comments:
Post a Comment