Facebook Vulnerability Patched in Silence
The recent Cambridge Analytica scandal with Facebook has made us realize something important. Never take your privacy for granted. When we sign up to social media site such as Facebook, we often pay the price of giving away personal information. Personal information that can be accessed by anyone in the world. When we look at this from another angle we realize a very frightening truth. These companies have so much information about us. Right from our tastes in music to our political opinions. What if corporations buy of our data and target us with ads that push us towards their agenda? A political party can use such data to benefit their elections and weave tales to change our mind.
In such a volatile and weird stage of human society, I believe that these companies that we trust, these social media platforms should be ethically responsible to safeguard our private information. Yes, I realize that a service that is used by more than 2.27 billion users is sure to be bombarded by hacker groups and malicious sources that mean no good. But when you own a company that is worth $629 billion dollars, it comes with a level of responsibility.
Ron Masas, the security researcher of Imperva – a leader in cybersecurity discovered a glaring bug in Facebook recently. The loophole would have allowed malicious organizations to tap into your private data when you were logged in! Through cross-site forgery attacks, you could have abused this loophole.
“This allowed information to cross over domains—essentially meaning that if a user visits a particular website, an attacker can open Facebook and can collect information about the user and their friends,” Masas said, according to Brinkwire.
This attack was even more dangerous for mobile users. It was a noticeable trend that a new tab opens when the attack is taking place. But if you are using Facebook mobile, there is a very high chance that you end up not noticing the new tab opening up. The entire attack could happen, and they could steal all the data about your likes and interests just while you keep scrolling through the feed.
In a statement to The Verge, Facebook stated that such an attack would affect other websites as well, not just its own.
“As the underlying behavior is not specific to Facebook, we’ve made recommendations to browser makers and relevant web standards groups to encourage them to take steps to prevent this type of issue from occurring in other web applications,” Facebook said.
The social media platform also stated that they have no evidence of any attack or exploit that has happened before Masas discovered the bug. Of course, this is such a lame excuse to pull off Facebook. Own up to your mistake and put in more money into security. Social media influences the way people think and that is a very powerful weapon. To not have it controlled and checked could lead to unforeseen anarchy and that would benefit only the people in power. Step up the game Zuckerberg!