App bug overrides user privacy settings (http://www.theregister.co.uk/2011/05/10/facebook_user_credentials_leaked/)
QuoteFacebook has leaked access to millions of users' photographs, profiles and other personal information because of a years-old bug that overrides individual privacy settings, researchers from Symantec said.
The flaw, which the researchers estimate has affected hundreds of thousands of applications, exposed user access tokens to advertisers and others. The tokens serve as a spare set of keys that Facebook apps use to perform certain actions on behalf of the user, such as posting messages to a Facebook wall or sending RSVP replies to invitations. For years, many apps that rely on an older form of user authentication turned over these keys to third parties, giving them the ability to access information users specifically designated as off limits.
The Symantec researchers said Facebook has fixed the underlying bug, but they warned that tokens already exposed may still be widely accessible..... (more)
Another reason not to like the thing. ;)
Oops!
That's being kind. :)
Don't run Facebook on an Apple, or you could have a Flasher Mac :out: :hide:
:grn:
Facebook deny it of course, but just changing the password sorts the issue, and its apps that caused it, if you dont use them, you were fine. Not a reason to not like it, but another reason to use your brain a bit, changing passwords often helps anyway, I use 1Password for the Mac, great thing to have.
:clever: ;D