It seems Facebook is one social network where people pours in most of their personal information as if it is some trusted bank locker. But we have been seeing and experiencing many flaws as well as loopholes to open the lock to our private safe quite easily. But the latest flaw was that some accounts could be opened without even a password!… oooops!!!
Though Facebook took immediate actions to close the loop hole, the bug was exposed in a message posted to the Hacker News website.
The BBC News reported that,
The message contained a search string that, when used on Google, returned a list of links to 1.32 million Facebook accounts.
The method used the same syntax as in the links provided to users in the emails regarding notifications, by clicking which they can directly get in to their Facebook accounts.
As reported by the BBC News,
In a comment added to the Hacker News message, Facebook security engineer Matt Jones said the links were typically only sent to the email addresses of account holders. Links sent in this way can only be clicked once.
“For a search engine to come across these links, the content of the emails would need to have been posted online,” he wrote. Mr Jones suspected this is what happened as many of the email addresses exposed were for throwaway mail sites or for services that did a bad job of protecting archived messages.
Most of the million or so links exposed would already have expired, said Mr Jones.
“Regardless, due to some of these links being disclosed, we’ve turned the feature off until we can better ensure its security for users whose email contents are publicly visible,” he said.
Facebook claims that the links where only privately messaged to the users and was never made public or crawlable by search engines. Howsoever they claim the inevitable has happened and this is nowhere to stop. A 1000 new methods to hack would have already come up when 1 loophole is closed. Its up to us to choose whether we stay worried about our social network accounts by pouring ourselves into it or not!
Note to remember : Social networking site need not be wiped out cleanly. Its best to learn how to use it, what all problems might come up, how much should we trust it, what all is possible with the private information, how can it be exploited by others, how much security is as secure as it is said to be…