Wednesday January 29, 2020
Home Lead Story Private Photo...

Private Photos May Have Been Exposed Due To Facebook’s Flaw

Facebook has also come under criticism for fake political ads posted on its site from Russia and other countries.

0
//
Facebook, photos
This photograph taken on May 16, 2018, shows a figurine standing in front of the logo of social network Facebook on a cracked screen of a smartphone in Paris. VOA

Facebook says a software flaw may have exposed private photos of nearly 7 million users, the latest in a series of privacy issues facing the social media company.

Facebook said Friday that the photo glitch gave about 1,500 software apps unauthorized access to private photos for 12 days in September.

“We’re sorry this happened,” Facebook said in a blog. It said it would notify users whose photos might have been affected.

Facebook, data, photos
A smartphone user displays a Facebook newsfeed .VOA

Irish regulator to investigate

The software flaw affected users who gave third-party applications permission to access their photos. Facebook usually allows the apps to access only photos shared on a user’s timeline. However, the glitch would have allowed the apps to see additional photos, including those on Marketplace and Facebook Stories, as well as ones uploaded but not shared.

It is not known whether any of the photos were actually accessed.

The lead regulator of Facebook in the European Union, the Irish Data Protection Commissioner (DPC), said it was investigating the situation to determine whether the company complied with strict new EU privacy rules.

While Facebook says the bug has been fixed, the revelation brought new scrutiny to a company that has faced a series of security and privacy breaches.

Facebook, data,photos
A television photographer shoots the sign outside of Facebook headquarters in Menlo Park, Calif. VOA

Earlier issues

Earlier this year, Facebook acknowledged that a political consultancy firm, Cambridge Analytica, gained access to the personal data from millions of user profiles.

In September, the company said it discovered a security breach affecting about 50 million user accounts that could have allowed hackers to access the accounts. The company said hackers exploited the “View As” feature, which lets users see how their own profiles would look to other people.

Also Read: Facebook Dismisses Report of Journalists’ Frustration With Fact-Checking

Facebook has also come under criticism for fake political ads posted on its site from Russia and other countries.

The company has more than 2 billion users worldwide. (VOA)

Next Story

“Ring Doorbell” App Owned By Amazon Gets Accused Of Sending Users’ Data To Third Parties

Amazon bought Ring in 2018 that sells a range of home security cameras as well as doorbells

0
Amazon
In November 2019, Amazon rolled out a security patch for its Ring Video Doorbell Pro after Bitdefender security researchers found that it was exposing Wi-Fi network credentials, thus, allowing nearby attackers to intercept them and compromise the household network. VOA

The US-based digital rights group the Electronic Frontier Foundation (EEF) has found that Amazon-owned Ring doorbell app is “packed” with third-party tracking, sending out plethora of customers’ personally identifiable information.

An investigation of the Ring doorbell app for Android discovered that four main analytics and marketing companies – including Facebook and Google — were receiving information such as the names, private IP addresses, mobile network carriers, persistent identifiers, and sensor data on the devices of paying customers.

“Not only does Ring mismanage consumer data, but it also intentionally hands over that data to trackers and data miners,” the EEF said in a release late Tuesday. “Ring claims to prioritize the security and privacy of its customers, yet time and again we’ve seen these claims not only fall short, but harm the customers and community members who engage with Ring’s surveillance system,” said the non-profit group.

In a statement to Gizmodo, the Amazon-owned home security and smart home company said it limited the amount of data it shared. “Like many companies, Ring uses third-party service providers to evaluate the use of our mobile app, which helps us improve features, optimise the customer experience and evaluate the effectiveness of our marketing,” the company said.

In November 2019, Amazon rolled out a security patch for its Ring Video Doorbell Pro after Bitdefender security researchers found that it was exposing Wi-Fi network credentials, thus, allowing nearby attackers to intercept them and compromise the household network.

Security researchers from Bitdefender said the Amazon-owned doorbell was sending owners’ Wi-Fi passwords in cleartext as the doorbell joins the local network, thus, allowing nearby hackers to intercept the Wi-Fi password and gain access to the network to launch larger attacks or conduct surveillance. The EEF said that Ring has exhibited a pattern of behaviour that attempts to mitigate exposure to criticism and scrutiny while benefiting from the wide array of customer data available to them.

“Our testing, using Ring for Android version 3.21.1, revealed PII (personally identifiable information) delivery to branch.io, mixpanel.com, appsflyer.com and facebook.com. Ring also sends information to the Google-owned crash logging service Crashalytics. The exact extent of data sharing with this service is yet to be determined,” said the group.

Amazon
The US-based digital rights group the Electronic Frontier Foundation (EEF) has found that Amazon-owned Ring doorbell app is “packed” with third-party tracking, sending out plethora of customers’ personally identifiable information. Pixabay

The group has in the past alerted about the mismanagement of user information which has led to data breaches. “This goes a step beyond that, by simply delivering sensitive data to third parties not accountable to Ring or bound by the trust placed in the customer-vendor relationship, it added.

Amazon bought Ring in 2018 that sells a range of home security cameras as well as doorbells. In December last year, parents of an eight-year-old girl in the US were left stunned when a hacker accessed a Ring video camera installed in their daughter’s room and taunted her.

ALSO READ: Precautions You Need to Take To Protect Yourself From Coronavirus

In the video, the hacker can be heard taunting the eight-year-old several times as she is seen clueless as where the voice is coming from. (IANS)