New security hole in Facebook through Yelp

[tweetmeme source=”franscomputerservices” only_single=false]Yelp Security Hole Puts Facebook User Data At Risk, Underscores Problems With ‘Instant Personalization’ (TechCrunch):

TechCrunch Facebook/Yelp image

TechCrunch Facebook/Yelp image

As if Facebook’s Instant Personalization needed another knock against it, tonight comes news of a security issue that makes the feature even more unnerving. Web security consultant George Deglin discovered an exploit that would allow a malicious site to immediately harvest a Facebook user’s name, email, and data shared with ‘everyone’ on Facebook, with no action required on the user’s part. This specific exploit has been patched, and no user data was compromised, but the security problems behind it remain.

Much more in the article. Thanks TechCrunch!

Yes, been fixed but after what damage? And a few weeks before a good guy figures it out. Thank you, George Deglin!

How many other vulnerabilities in Facebook that only the bad guys know about until a good guy discovers it?

I am so glad I deactivated my Facebook account.

Advertisements