Facebook Security Hole Found on iOS and Android

This is a discussion on Facebook Security Hole Found on iOS and Android within the Apple News forums, part of the Apple News Room category; Macworld reports today on a new security hole that has been found in Facebook’s mobile apps on both iOS and Android that could be exploited ...

Results 1 to 1 of 1
  1. #1
    Super Moderator
    Join Date
    Jul 2011
    Posts
    350
    Member #
    64
    Liked
    8 times

    Facebook Security Hole Found on iOS and Android



    Macworld reports today on a new security hole that has been found in Facebook’s mobile apps on both iOS and Android that could be exploited by those wanting to steal your personal information. According to a report in The Register, Facebook’s mobile app does not encrypt a user’s login details. The hole was discovered by UK-based app developer Gareth Wright, who found the vulnerability while investigating app directories in his iPhone using a free tool. While looking around, he accidentally came across a Facebook access token in one of the games that he had installed on his iPhone. Wright copied the token’s code, and then used it to get information from Facebook using Facebook Query Language. “Sure enough, I could pull back pretty much any information from my Facebook account,” Wright said on his blog, meaning that anyone else could also do the same. Wright was then intrigued enough to further investigate the Facebook app’s inner workings, and said that he was “shocked” by what he found inside, which was essentially an unencrypted key giving anyone that had it total access to a Facebook account. “My jaw dropped as over the next few minutes I watched posts appear on my wall, private messages sent, webpages liked and applications added,” explained Wright. After conducting even more thorough investigations into the security flaw, Wright informed Facebook of his discovery, and says that Facebook has told him that it is working on a fix. Wright has said though that even if Facebook does release a fix, users are still vulnerable to being attacked by a malicious person using the plain text token stored by developers in their games’ plists.

    Source: Facebook security hole found on iPhone, Android devices | Macworld

  2. Ads

    Posts
    Many

Remove Ads

Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Similar Threads

  1. Replies: 0
    Last Post: 04-05-2012, 01:00 PM
  2. More '4G' Strings Found in iOS 5.1
    By sparkyscott21 in forum Apple Rumors
    Replies: 1
    Last Post: 03-26-2012, 04:18 PM
  3. Replies: 0
    Last Post: 11-28-2011, 10:13 PM
  4. Skype 5.4 Beta For Mac Gets Facebook-to-Facebook Video Calling
    By sparkyscott21 in forum Apple Forums Member News Depot
    Replies: 0
    Last Post: 11-17-2011, 04:18 PM

Tags for this Thread

Contact Us
Back to top