You are currently browsing the tag archive for Facebook Tokens

May 11, 2011

Facebook “Spare Key” Security Flaw Existed For Years

Filed as News with no comments

Facebook SecurityFacebook user information was passed along to advertisers and third parties for years according to a Symantec report passed along to the social network last month.

The issue occurred when more than 100,000 Facebook applications accidentally passed along user access tokens. Those tokens, known as a “spare key” could then be used to access a users account, allowing third parties to post info to a user’s wall and access other parts of their accounts.

Anyone with access to an access token would also be able to mine for personal information, gain access to a user’s friends’ profiles and access other parts of a users accounts, however no reported evidence of such events occurring were reported, in fact it’s believed that third parties were not even aware that they were receiving the extra information. read more

Tags: , ,