Wednesday, May 18, 2011

Facebook fixes a major security flaw

Facebook confirmed that it had corrected a major security breach that left confidential data leakage to third parties. Discovered by computer security company Symantec, the problem affected the operation of applications for social networking, these small game programs or services that integrate with Facebook pages and use the network authentication system.

When a user connects to an application, it allows the program to create a "token", the digital equivalent of a spare key, which avoids the user having to authenticate at all times. However, for applications that do not use the most recent protocols and more secure alternative that key can be decrypted by a third party.

Approximately 100 000 applications would be affected, according to calculations by Symantec. "A person who has access to this information has potential access to the entire user's account, details Heslault Lawrence, chief technology editor of Europe's anti-virus. This information, however, are not so simple to use so Machine on a large scale, and we have so far not indicated that they could be exploited.

No comments:

Post a Comment