Something that was supposed to be a shortcut for
users of Facebook Inc(NASDAQ:FB) to log in to their pages did not really end up
as expected. E-mail addresses were exposed and there were situations when a few
accounts stood at risks of being potentially accessed.
A spokesman of Facebook said that the company had
created the shortcut, called auto-login. It was intended to allow some users to
access their pages directly by clicking on the link. The feature allowed them
to access their accounts directly instead of logging in from Facebook.com.
The company revealed that some of the links
required users to type their passwords while some others did not.
On a technology discussion board on Hacker News,
an engineer from Facebook, Matt Jones said that the company has offered the
service in order to make things easier for users. He said the feature was not
made with the intention to make the e-mail address of users publicly available.
However, e-mail addresses did go public.
Frederic Wolens, the Facebook spokesman said that
a few users may have posted links on the web, letting anyone to search up for
them. Such links could allow a stranger to access the Facebook Pages that are
associated with them. The e-mail addresses of respective users also get exposed
in the process. Wolens said that he had no clarification as to why someone would
post the links.
On finding out the loopholes, Facebook
discontinued offering the feature.
The thread on Hacker News said that more than 1
million Facebook accounts have been affected with this feature. Facebook could
not confirm the exact figure on Friday.
A private security company, TrendMicro that
offers safety tools for people using Facebook, said that web address shortcuts
were intrinsically dangerous since they could eventually wind up being on the
Web.
No comments:
Post a Comment