Monday February 18, 2019
Home Lead Story Facebook Requ...

Facebook Requests People To Re-Login Into Their Accounts To Secure From Hackers

Facebook said it does not know who is behind this massive security attack.

0
//
Fake News, Facebook, dating
Intel, Facebook working on cheaper AI chip. VOA

After Facebook admitted that hackers broke into nearly 50 million users’ accounts by stealing their “access tokens” or digital keys, cyber experts on Saturday warned over 2.3 billion users to log out and log back into Facebook, or any of third-party apps that use Facebook login.

Facebook has reset the access tokens of almost 50 million accounts it knew were affected. It has also taken the precautionary step of resetting access tokens for another 40 million accounts that have been subject to “View As” look-up in the last year.

“For now, logging out and back in is all that is necessary. The truly concerned should use this as a reminder and an opportunity to review all of their security and privacy settings on Facebook and all other social media platforms,” Chester Wisniewski, Principal Research Scientist with global cyber security major Sophos, told IANS.

Facebook
This Feb. 19, 2014, photo shows the social media giant’s app icon on a smartphone in New York. VOA

According to Dr Gary McGraw, Vice President of Security Technology, Synopsys (Software Integrity Group), this breach emphasises just how important software security is, and how subtle solid security engineering can be.

“When a feature like ‘View As’ can be turned on its head into an exploit, it indicates a design problem that led to unanticipated security vulnerability,” noted Dr McGraw.

“Design flaws like this lurk in the mind boggling complexity of today’s commercial systems, and must be systematically uncovered and corrected when software is being designed and built,” he added.

Facebook
CEO Mark Zuckerberg delivers the keynote address at a Facebook developers conference in San Jose, California. VOA

If you’ve ever wondered what keeps you logged into your account even after you restart your laptop/browser – those are access tokens (cookies).

They maintain a constant session even when your IP changes.

“In this case, hackers were able to steal these tokens, which basically means the hacker could fool Facebook servers to believe they are the authorised users of the target’s account that would give the attacker, complete access of the target’s account,” said Saket Modi, CEO and Co-Founder of Lucideus, an IT risk assessment and digital security services provider.

According to experts, they don’t know for how long the vulnerability existed, who the hackers were and the extent of damage that might have been caused in terms of stealing not only one’s profile data but, in this case, potentially the personal messages, pictures and chats, among others.

Facebook
Silhouettes of mobile users are seen next to a screen projection of Facebook logo in this picture illustration. VOA

“As a precaution, all Facebook users must log out and re-login into all the gadgets that they have their Facebook session active like your cell phone (app or browser), laptop and desktop, etc,” Modi advised.

Facebook said it does not know who is behind this massive security attack.

Also Read: Facebook Suffers From Data Breach Putting 50 Mn People at Risk

“We’re working hard to better understand these details and “we will update this post when we have more information, or if the facts change,” said the company.

In the Cambridge Analytica scandal, data of nearly 87 million people was breached upon. (IANS)

Next Story

UK Parliamentary Report Highlights Facebook Acting as ‘Digital Gangsters’

The report highlights Facebook documents obtained by the committee relating to a Californian court case brought by US-based app developer Six4Three.

0
Facebook
Facebook App on a smartphone device. (VOA)

Lashing out at Facebook for behaving like “digital gangsters” in the online world, a UK parliamentary committee concluded that the social networking giant intentionally and knowingly violated both data privacy and anti-competition laws.

In its final report on Monday after an 18-month investigation into disinformation and “fake news”, the Digital, Culture, Media and Sport (DCMS) select committee of the UK Parliament called for stricter regulation to make Facebook end spread of disinformation on its platform.

“Democracy is at risk from the malicious and relentless targeting of citizens with disinformation and personalised ‘dark adverts’ from unidentifiable sources, delivered through the major social media platforms we use everyday,” Damian Collins, Chair of the DCMS Committee, said in a statement.

The report highlights Facebook documents obtained by the committee relating to a Californian court case brought by US-based app developer Six4Three.

Facebook
The now-defunct start-up Six4Three alleged that Facebook collected information on users and their friends through its apps. Pixabay

Through scrutiny of internal Facebook emails between 2011 and 2015, the report found evidence to indicate that the company was willing to override its users’ privacy settings in order to transfer data to some app developers.

The investigation found that Facebook was willing to charge high prices in advertising to some developers, for the exchange of data, and starve some developers – such as Six4Three – of that data, contributing to them losing their business.

The now-defunct start-up Six4Three alleged that Facebook collected information on users and their friends through its apps.

The report also named Facebook CEO Mark Zuckerberg who refused summons to appear before the committee three times.

“By choosing not to appear before the Committee and by choosing not to respond personally to any of our invitations, Mark Zuckerberg has shown contempt towards both the UK Parliament and the ‘International Grand Committee’, involving members from nine legislatures from around the world,” the report said.

 

facebook
The report also named Facebook CEO Mark Zuckerberg who refused summons to appear before the committee three times. Pixabay

“Mark Zuckerberg continually fails to show the levels of leadership and personal responsibility that should be expected from someone who sits at the top of one of the world’s biggest companies,” Collins said.

Launched in 2017, the inquiry intensified after the Cambridge Analytica data-harvesting scandal became public.

 

ALSO READ: Just Like Twitter, LinkedIn Starts Showing Trending Professional Stories

In the 108-page report, the UK lawmakers accused Facebook of continuing to prioritise shareholders’ profits over users’ privacy rights.

“We are open to meaningful regulation and support the committee’s recommendation for electoral law reform,” Karim Palant, Facebook’s UK public policy manager, was quoted as saying by The Guardian. (IANS)