Recently, the security firm Symantec discovered a leak in Facebook’s infrastructure allowing advertisers to access data such as your personal profile, photographs, and chats enabled by about 100,000 Facebook applications. It seems that the advertisers didn’t know that they had access, however, Symantec also commented that there may be other ‘spare keys’ to many accounts lying around. So please, change your password.
During the introduction of Facebook applications in 2007, Facebook used an authentication process that basically generated ‘spare keys’ to an account for use by the IFRAME app. Now Facebook is using a different system of authentication called OAUTH2.0 that is said to not have the same weakness. Now that the authentication ‘spare keys’ are not being given out any more, changing your password will render any existing keys useless. Looking back, privacy wasn’t the biggest thing to be concerned about — at least not from your friends.
All along, many of the largest concerns about Facebook have been tied into the idea of privacy and we find out that they have been (potentially) leaking personal data for the last four years? Not only that, but a situation like this could leave a mobile device extremely vulnerable. Having access to your account would allow them to have all of your personal data along with anything you have from your friends, such as email addresses, phone numbers, street addresses and more. With this and the PlayStation fiasco, you might as well make a billboard with your social security number on it.
