Thursday May 23, 2019
Home Lead Story Bug in Facebo...

Bug in Facebook Messenger Allow Websites to Gain Access to Users’ Data

Facebook Messenger has over 1.3 billion users globally

0
//
David Marcus, Facebook Vice President of Messaging Products, watches a display showing new features of Messenger during the keynote address at the F8 Facebook Developer Conference in San Francisco.

As Facebook CEO Mark Zuckerberg discussed about making his platform more secure, a bug in Facebook Messenger allowed websites to gain access to users’ data, including who they have been chatting with, say researchers.

Now fixed by Facebook, the vulnerability in the web version of Messenger allowed any website to expose who you have been messaging, revealed Ron Masas, researcher with cyber security company Imperva, in a blog post late on Thursday.

The researcher reported the vulnerability to Facebook under their responsible disclosure programme and the social media platform mitigated the issue.

In November 2018, Masas and his team discovered a Facebook bug that allowed websites to extract data from users’ profiles via cross-site frame leakage (CSFL) which is known as a side-channel attack performed on an end user’s web browser.

In a bid to prevent foreign interference into elections, facebook has also begun labelling all political and issue ads in the us -- including a "paid for by" disclosure from the advertiser at the top of the advertisement.
Facebook CEO Mark Zuckerberg. Wikimedia commons

“Browser-based side-channel attacks are still an overlooked subject. While big players like Facebook and Google are catching up, most of the industry is still unaware,” wrote Masas.

Facebook Messenger has over 1.3 billion users globally.

Also Read- Now Users Can Report Tweets Leaking Their Private Information in Detail

Zuckerberg on Thursday said he is working to make Facebook “privacy-focused” like WhatsApp.

The “privacy-focused platform” will be built around principles like private interactions, encryption, reducing permanence, safety and interoperability. (IANS)

Next Story

Social Networking Giant Facebook Sharing Users’ Data with Telecom Firms, Phone Makers

The database contained 49 million records of several high-profile influencers, including prominent food bloggers, celebrities and other social media influencers

0
Facebook, photos
This photograph taken on May 16, 2018, shows a figurine standing in front of the logo of social network Facebook on a cracked screen of a smartphone in Paris. VOA

A confidential Facebook document reviewed by The Intercept has revealed that the social networking giant is offering private data of its users without their knowledge or consent to 100 different telecom companies and phone makers in 50 countries.

Confidential documents seen by the website showed late Monday that Facebook is helping operators and phone makers “create targeted advertising by supplying them with surveillance data slurped directly from users’ smartphones”.

Not only that, the social networking giant is also collecting data from its main iOS and Android apps, Messenger and Instagram apps — even snooping into the phones of children as young as 13.

Through a tool called “Actionable Insights”, Facebook is allegedly collecting data including technical details about smartphones, cellular and Wi-Fi networks used by Facebook users, locations visited social groups and interests.

Facebook reacted in a statement late Monday: “We do not, nor have we ever, rated people’s credit worthiness for Actionable Insights or across ads, and Facebook does not use people’s credit information in how we show ads”.

According to the report, “the data has been used by Facebook partners to assess their standing against competitors, including customers lost to and won from them, but also for more controversial uses like racially targeted ads”.

Facebook launched “Actionable Insights” tool last year “to address the issue of weak cellular data connections in various parts of the world.”

“The confidential Facebook document shows how the programme, ostensibly created to help improve underserved cellular customers, is pulling in far more data than how many bars you’re getting,” said the report.

Facebook
Facebook’s founder and CEO Mark Zuckerberg speaks at the Viva Tech start-up and technology summit in Paris, France, May 24, 2018. VOA

“The Facebook mobile app harvests and packages eight different categories of information for use by over 100 different telecom companies in over 50 different countries around the world, including usage data from the phones of children as young as 13,” the report claimed.

These categories include use of video, demographics, location, use of Wi-Fi and cellular networks, personal interests, device information, and friend homophily, an academic term of art.

Also Read- China Excludes Taiwan from Participation in World Health Assembly

From these categories, a third party vendor could learn an extraordinary amount about patterns of users’ daily life.

The news came after Facebook’s photo-sharing service Instagram saw itself in trouble as personal data of millions of celebrities and influencers were allegedly exposed on its platform in a massive database that was traced to Mumbai-based social media marketing firm Chtrbox.

The database contained 49 million records of several high-profile influencers, including prominent food bloggers, celebrities and other social media influencers, TechCrunch reported. (IANS)