A bug in Facebook's login system reveals your full name and profile picture, no matter how high your privacy settings are set. As spotted by The Register, it's a wonder why no one has noticed this potentially dangerous bug before. The picture and details page at the login has been around for a long time now but word has never gotten out about the security risk it poses.
The bug allows anyone, even those without an account, to enter a persons email address and a random password, revealing the users full name and profile picture. This technique will even reveal accounts that have set their privacy settings to be searchable by friends of friends or nobody. This means every account on Facebook, no matter how secure, can have their basic information and profile picture revealed.
Although the bug might seem harmless, it means anyone can take an email address associated with a Facebook account and reveal your information. This could spell disaster if your email is on a spam mailing list and run through a simple script that checks each email address and gathers information from Facebook.
There isn't much any user can do at the moment, other than wait for Facebook to address the situation and apply a quick fix for the problem.
No comments:
Post a Comment