cageymaru

Fully [H]
Joined
Apr 10, 2003
Messages
22,060
Facebook has acknowledged being hacked on Tuesday, September 25th and the security issue directly affected almost 50 million accounts and another 40 million indirectly. The "View As" feature that Facebook implemented in July 2017 is the source of the security issue. The "View As" feature allows users to see what their own profile looks like to someone else. Hackers used this to steal Facebook access tokens which they used to take over accounts belonging to other members of the service. Think of "access tokens" as "digital keys" that allow a person to remain logged into the service without having to re-enter their password when they use the app.

Law enforcement has been contacted and access to "View As" functionality has been disabled until a more secure implementation can be created. Those affected have been notified at the top of their Facebook News Feed and Facebook's security team is working diligently to find out who and from where the attack originated. If they find more affected accounts then they will reset the security tokens for those also. Thanks DejaWiz !

This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted "View As." The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens. There's no need for anyone to change their passwords. But people who are having trouble logging back into Facebook -- for example because they’ve forgotten their password --should visit our Help Center.
 
latest?cb=20130910011414.jpg
 
With any luck, mine gets stolen and I won't have to go through the lost password process to kill the damn thing. Haven't used it in so long, no clue what the password is.
 
there was a digital token exploit a few years back. I can't remember what program I used, but if you went to an open wifi, like a hotel, the program could grab tokens from people that were browsing facebook.
Once you had the token, you were basically in that persons account, could post, add/remove friends, etc..
 
The programmers are only human... give them a break! Everyone makes mistakes...

I cannot, because the stakes are too high. These companies have way to much power for the "benefit" they give to society. If they were curing cancer, I would accept mistakes. They're just making the world dumber.
 
All Facebook is anymore is a political vent application. I do use it to argue with people though. sigh...
 
With any luck, mine gets stolen and I won't have to go through the lost password process to kill the damn thing. Haven't used it in so long, no clue what the password is.

lol same here. I hope they find my nudie pics! :cautious::shifty:
 
Back
Top