Facebook Glitch Exposes User Accounts
By on November 2nd, 2012

A serious flaw has been discovered that allowed anyone to basically login to other’s Facebook account without the need of a password.

The flaw, which was posted on The Hacker News website, uses a search string. When you google this search string, around 1.34 million results of different Facebook profiles are obtained and when you click on some of the links, you will automatically log in to the profile associated with that particular link.

The flawed links are the ones that are mailed to users to notify them of comments or other notifications. These are designed to help users to respond quickly to those notifications without having to login. Those URLs are designed in such a way that they will only work once, Matt Jones, a Facebook engineer said in a comment made at the Hacker News.

For a search engine to come across these links, the content of the emails would need to have been posted online.

Regardless, due to some of these links being disclosed, we’ve turned the feature off until we can better ensure its security for users whose email contents are publicly visible.

Facebook has now disabled the feature to protect its users and is helping exposed users with securing their accounts. Most of the exposed users are said to be from Russia and China.

Tags: , ,
Author: Nithin Ramesh Google Profile for Nithin Ramesh
Nithin is a blogger and a Windows security enthusiast. He is currently pursuing Bachelors in Electronics and Communication. Apart from technology his other interests include reading and rock music. His Twitter handle is @nithinr6

Nithin Ramesh has written and can be contacted at nithin@techie-buzz.com.

Leave a Reply

Name (required)

Website (optional)

 
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN