London computer scientists Shah Mahmood and Yvo Desmedt has found serious security flaws in the world's largest social network, Facebook. They have discovered that Facebook suffers from a crucial exploit that allows users to view full profiles they normally would not have access to. The news comes as the social networking site faces increasing scrutiny over its privacy procedures including a lawsuit over the misuse of users contact information by its mobile App.
The exploit was discovered by London computer scientists Shah Mahmood and Yvo Desmedt. The analysts, working at University College London, used a couple of Facebook’s system properties to allow them to view profiles they otherwise may not have access to and stalk unwitting users.
The hack centers on two basic aspects of Facebook’s system. Users are allowed to deactivate and reactivate their accounts at will, and while accounts are deactivated the user has no control over their privacy settings in relation to that account. This means that if you are registered as a friend of another user who then deactivates their profile they will be able to reactivate their account for short periods of time in order to watch your profile. You cannot restrict the behavior of deactivated profiles.
The ability to allow this kind of behavior has birthed worries of stalking. Personal relationships in real life can change but this change cannot be reflected in Facebook’s virtual privacy settings.
Would love to here from you...