Facebook reports it has plugged a security hole that compromised user privacy by exposing live chat sessions as well as pending friend requests.
Facebook has fixed a bug that exposed instant messages and pending friend
requests.
The bug prompted the social networking site to briefly take its chat
function offline May 5. According to Facebook, the flaw existed in a feature that
allows users to see how their profile appears to others-a design feature meant
to improve privacy.
With the bug, however, it was possible for users to see their friends'
live chats and pending friend requests. According to Facebook, this could be
accomplished by "manipulating the 'preview my profile' feature."
A Facebook spokesperson continued, "When we received reports of the
problem, our engineers promptly diagnosed it and temporarily disabled the chat
function. We also pushed out a fix to take care of the visible friend requests,
which is now complete. Chat is now back up and running."
Facebook said the effects of the bug existed for a "limited amount of
time," but did not elaborate.
Facebook
has taken some hits over privacy issues from politicians and consumer
advocates in recent weeks. In addition, a survey released earlier the week of
May 3 showed many people are
not
using the privacy controls of Facebook and other social networking sites
extensively.
A video demonstrating the vulnerability that exposed user chats can be
found here on TechCrunch.
Email
Print
