How to Hack into Your Friends Live Chats and Personal Information on Facebook!

Facebook rushed today to fix a security gaffe that allowed users to follow their friends in a way that probably wouldn't make them very comfortable.

By using a feature that allows users to preview what information acquaintances can see in their profiles, anyone could view their friends' live chats and even confirm or ignore their new friend requests.

"The irony is that the exploit is enabled by the way that Facebook lets you preview your own privacy settings," TechCrunch writes. "In other words, a privacy feature contains a flaw that lets others view private information if they are aware of the exploit."

Here's a video TechCrunch posted on how the glitch worked:






TechCrunch reported the problem to Facebook, which pulled down the live chat feature to fix it. Facebook said the matter has been resolved and issued a statement in this regard.

Chester Wisniewski, senior advisor at security firm Sophos, suspected that some wires might have gotten crossed as a result of Facebook's recent adjustments to its privacy settings.

"My take is that it would seem Facebook may be falling victim to some of their own tactics," he said in an e-mail. "They have made the methods users must use to control their privacy so complicated that even their developers can't always predict what impact a given change in the system may have."

He added: "Without further information from Facebook it is difficult to know if that is what happened, but it does indicate that a system that is not designed to protect information first and foremost can easily be tricked into disclosing information in ways the designers never intended."

Always do remember, online security and privacy is an illusion. Your information is secure as long as others (hackers, web-services) want it to be. So if there is something you don’t want to share with others it shouldn’t be online in the first place.

Popular Posts