Facebook "View As" feature is temporarily disabled that caused Security Failure around 90 Million Accounts
The Facebook found a serious error in your code, this error that allowed the attack Hackers to several accounts, being more accurate, were about 50 million of accounts attacked and more 40 million are under review. This fragility happened through a function called "View As" which allows the user to see how his page is being displayed to his followers.
ADSHERE
That 40 million are in analyzes simply because they used the function sometime last year, so it is only a measure of prevention because they may or may not have been attacked. The social network is still scrutinizing the situation and so it can not report more accurate figures or confirm if those 40 million actually suffered some type of attack during the time that gap existed.
The Facebook detected this failure September 25, Tuesday afternoon and said it has begun to take the necessary measures to solve the problem. This failure occurs because the "View As" code allowed Hackers to have access to the Tokens of the users who used this social network resources.
This Tokens makes it possible for the user to close Facebook and when returning does not need to inform the password again, that is, it is what allows to leave the account always logged in . With this Token Hacker can access the data of the users without the need of the password, considering that the Token functions like a digital key informing to the server who is the user that is logging in the social network.
Facebook has already changed the Tokens of the 90 million accounts , so all these users will have to log in again and after this will be displayed in your Feed a message explaining what happened so that the same is aware of the situation.
The "View As" feature is temporarily disabled and will only be activated after the full problem has been analyzed, since many more people may have been affected. This breakthrough came after the Social Network changed the video upload feature in July 2017.
It is not necessary to change the password, because according to Facebook the Hacker did not have access to them, but if the user feels more relaxed can make that change. Facebook also stated that "the privacy and security of people is incredibly important."
The Facebook detected this failure September 25, Tuesday afternoon and said it has begun to take the necessary measures to solve the problem. This failure occurs because the "View As" code allowed Hackers to have access to the Tokens of the users who used this social network resources.
This Tokens makes it possible for the user to close Facebook and when returning does not need to inform the password again, that is, it is what allows to leave the account always logged in . With this Token Hacker can access the data of the users without the need of the password, considering that the Token functions like a digital key informing to the server who is the user that is logging in the social network.
Facebook has already changed the Tokens of the 90 million accounts , so all these users will have to log in again and after this will be displayed in your Feed a message explaining what happened so that the same is aware of the situation.
The "View As" feature is temporarily disabled and will only be activated after the full problem has been analyzed, since many more people may have been affected. This breakthrough came after the Social Network changed the video upload feature in July 2017.
It is not necessary to change the password, because according to Facebook the Hacker did not have access to them, but if the user feels more relaxed can make that change. Facebook also stated that "the privacy and security of people is incredibly important."
Nice write up you have here. Thanks for the Update on Facebook View As
ReplyDelete