Facebook warns: “most users” had their data harvested by a third-party application

Facebook warns "most users" have had their data harvested by third-party apps

Troubles Facebook continue to grow in the midst of a scandal Cambridge analyst. On Wednesday, in a lengthy message on its website news, company fixed multiple vulnerabilities in the API that can allow the user data extracted from unscrupulous third-party app developers.

Among them was the revelation that “most people” on Facebook had their profile data the scratch on third-party applications. This Vulnerability came through the key search functions — find people by e-mail and phone number, which, until yesterday, allowed third party applications to collect a large amount of shared data in the user profile.

“Given the scale and complexity of activities that we saw,” said chief technology officer of Facebook, Mike Scrapper wrote: “we believe that most people on Facebook could have their public profiles scraped in this way.“

Reviews

Data breach Facebook hack. It was a wakeup call.

In addition to this revelation, the company admitted on Wednesday that the total number of users affected by the Cambridge intelligence data collection has been significantly higher than previously reported. A total of not 30 million, as originally reported in 2017, or 50 million, as reported last month, but could be potentially higher than 87 million. The vast majority of affected users were in the United States.

Facebook warns "most users" have had their data harvested by third-party apps

Facebook warns "most users" have had their data harvested by third-party apps

Facebook warns "most users" have had their data harvested by third-party apps

Facebook tiny footnote States: “we do not know exactly what data the app in conjunction with Cambridge Analytics and how many people are affected. Using extensively as possible the methodology is according to our calculations the maximum number of unique accounts that have set the app thisisyourdigitallife, as well as those whose data can be shared with the app their friends.”

“Thisisyourdigitallife” refers to the name of the application that Cambridge Analytics, used to collect the data Facebook between 2013 and 2015, when Facebook cancelled the application’s access to its API.

On Wednesday, post all of the Facebook attempt to close many loopholes, through its platform, in response to the Cambridge fiasco Analytics and in response to new privacy rules of Europe put on Facebook, which come into force next month.

Facebook will now make the changes required by the European legislation — including giving users more control over their privacy settings and clearer access to these settings available for all users. Facebook tells its users if they were affected by the data analyst Cambridge scratching especially. They have demonstrated a sample layout to warn that such notification might look like this:

Facebook warns "most users" have had their data harvested by third-party apps

Facebook warns "most users" have had their data harvested by third-party apps

Facebook warns "most users" have had their data harvested by third-party apps

Other potential vulnerabilities, the company decides to include a range of public data from public profiles for direct targeting on pages in the event that the company again becomes unavailable to applications and third parties. The company is also ramping up its authorization process for applications and more will be accepting old and unused applications to continue to collect user data.

To this end, one of the biggest changes has been the way it handles third-party apps to log into Facebook on other sites. A long-standing feature of the API Facebook allows you to enter almost any website using your Facebook account. Now, however, the company is making it much, much harder for sites that use this feature login to access user data in Exchange.

According to the developer’s blog, ”access to check-ins, likes, photos, posts, videos, events, groups”, which are scraped on these sites now require the app to get “prior authorization from Facebook”, in which they must “adhere to strict rules and conditions.” The company does not publicly stated that these conditions will be. In addition, the list of data will no longer be available for third-party applications, including the following information, you can have Your profile:

Finally, these applications will no longer be able to see lists of your taggable and mutual friends.

The obvious question arising from all this: why is Facebook so long to admit that it was a potential egregious vulnerabilities that could put users ‘ privacy in danger or, at least, that users don’t want to be out of their control?

The short answer is that Cambridge Analytics this exposed the underbelly of the Facebook open API, all of this was a feature, not a bug for Facebook. User data available to third parties, in particular, in exchange for permission sites around the world to access login Facebook, in fact, allowed him to consolidate power over the Internet, making it much more difficult for you to save Facebook from the rest of your life.

It is also important to note that yelling at Facebook to be more strictly regulated, like any other business, have gone unnoticed for many years — until now. Please note that this is Europe and not USA, which is handling the company right now, although mark Zuckerberg will testify before Congress next week. In essence, Facebook Wake-up call was a Wake-up call for everyone, and it is unlikely that the expense of company over.

Sourse: vox.com

No votes yet.
Please wait...

Leave a Reply

Your email address will not be published. Required fields are marked *