Facebook Has Disabled its New Year Eve messaging Tool
Facebook has temporarily disabled its New Year's Eve messaging tool after a university student was able to read and delete private messages intended for other users.Jack Jenkins, a business IT student at Aberystwyth university, alerted Facebook to the privacy flaw after finding that a small tweak to a web address allowed him to view messages and photos sent by strangers using the new tool.
Facebook launched its Midnight Message Delivery app as a way for users to send New Year's Eve messages on the stroke of midnight on 31 December.Jenkins wrote on his blog how he was shocked when he was able to view a personal New Year's message and private family photo sent by a stranger to another named Facebook user.
Facebook can continue to take these kinds of risks. PLEASE Don't go deleting random messages, but try and delete one of mine that I set up especially if you want.Jenkins said he discovered the vulnerabilty by tweaking the URL of a confirmation page on the Facebook app.He told the Guardian:I was very surprised to find that this had been overlooked by Facebook, as it's such a simple security hole.Facebook immediately disabled the feature after Jenkins published his blogpost.
0 comments :
Post a Comment