Now Tec BlogNow Tec Blog

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Tyrannosaurs Were Extreme Cowards – And We Have The Footage To Prove It

    May 28, 2023

    THINGS TO KNOW THIS WEEK

    May 28, 2023

    Meta’s Quest 3 headset could feature a color camera for more realistic pass-through video

    May 28, 2023
    Facebook Twitter Instagram
    • Home
    • Business

      Congress to Discuss Biden-McCarthy Debt Ceiling Deal

      May 28, 2023

      Top 10 Highest Paying Degrees for Generation Z in America

      May 28, 2023

      Here’s how Waystar Royco ranks in the Fortune 500

      May 28, 2023

      How do I negotiate with an aging parent who resists support?borrow tips from business

      May 28, 2023

      European bonds could help rebuild Ukraine

      May 28, 2023
    • Gadgets

      Meta’s Quest 3 headset could feature a color camera for more realistic pass-through video

      May 28, 2023

      Hitting the Books: Renee Descartes had his best revelations while baked in an oven

      May 28, 2023

      AI will change how Americans find jobs and get promoted

      May 28, 2023

      Will ChatGPT and other generative AI harm the environment?

      May 28, 2023

      Apple’s free My Photo Stream service will end on July 26

      May 27, 2023
    • Tech

      How to Control Amazon Kids+ Content Settings (2023)

      May 28, 2023

      A quest to extract energy from nothing using quantum mechanics

      May 28, 2023

      In memory of GitHub’s offices, a monument to technology culture

      May 28, 2023

      How to send text messages through phone from PC | Wired

      May 28, 2023

      Turtle Beach Stealth Pro Review: Go Anywhere, Play Anything

      May 28, 2023
    • World

      Follow the Poll: 2023 Turkey Election Runoff Poll Results | Election News

      May 28, 2023

      IPL final: Can Gujarat’s Gill ruin Chennai’s Dhoni’s ‘farewell’? | Cricket News

      May 28, 2023

      Tackling poverty starts with accepting the GDP of the poor.opinion

      May 28, 2023

      PHOTOS: Indian police disrupt wrestlers’ march | Protest news

      May 28, 2023

      Al Itihad wins Saudi League, Ronaldo leaves empty-handed | Football News

      May 28, 2023
    • AI

      THINGS TO KNOW THIS WEEK

      May 28, 2023

      AI Helps Find Owner of Necklace Made from Megalodon Teeth Found in Titanic Wreckage

      May 28, 2023

      Is Nvidia the only AI stock worth owning?

      May 28, 2023

      “Indian Popoy”: AI Art Reimagines World Leaders as Gym Companions

      May 28, 2023

      Weekly Preview: Featured Earnings (AI, GME, ZS)

      May 28, 2023
    • Apple

      Chargers & Smartphone Accessories Sale: Up To 70% Off

      May 28, 2023

      This hidden camera detector sells for $39

      May 28, 2023

      How to unblock ESPN+ for free from outside the US

      May 28, 2023

      Here are the answers and tips for May 28th.

      May 27, 2023

      Here are the answers and tips for May 28

      May 27, 2023
    • ChatGPT

      What is a ChatGPT shared link and how does it work?

      May 28, 2023

      I asked ChatGPT about Cardano’s moves in 2023, the response was intriguing

      May 28, 2023

      6 ChatGPT prompts for text analytics

      May 28, 2023

      10 Ways Writers Use ChatGPT

      May 28, 2023

      What Happens When Lawyers Use ChatGPT – The Irish Times

      May 28, 2023
    • Cyber Security

      Coláiste Chu Chulainn Dundalk student Finian to join national cybersecurity team

      May 28, 2023

      World’s Largest Cybersecurity Roadshow Arrives in Oman as Part of Global Tour

      May 28, 2023

      Artificial Intelligence Risks and Benefits in Cybersecurity

      May 28, 2023

      ITU-ARCC and Huawei Jointly Promote Public-Private Cybersecurity Cooperation

      May 28, 2023

      National security agencies conduct cyber defense exercises to thwart Chinese threat | Latest news India

      May 27, 2023
    • Computing

      Cloud Computing Will Add $13.7 Billion to Oman’s GDP Over Next Decade: AWS

      May 28, 2023

      The backbone of modern AI infrastructure

      May 28, 2023

      Quantum computing can help secure the future of AI systems

      May 28, 2023

      21st Century Technology: Fog Computing

      May 28, 2023

      China Announces New Quantum Computing Cloud Platform

      May 28, 2023
    • Science

      Tyrannosaurs Were Extreme Cowards – And We Have The Footage To Prove It

      May 28, 2023

      India can become a world leader in science

      May 28, 2023

      Local students win top prizes, or arts, sciences, and more

      May 28, 2023

      Elon Musk’s Neuralink gets FDA approval for brain implant human study.The company says the Japanese startup failed to land on the moon because of an altitude calculation error

      May 28, 2023

      SCIENCE OF THE WEEK | New Clues About Radio Flashes in Space and More

      May 28, 2023
    Facebook Twitter Instagram
    Now Tec BlogNow Tec Blog
    • Home
    • Business

      Congress to Discuss Biden-McCarthy Debt Ceiling Deal

      May 28, 2023

      Top 10 Highest Paying Degrees for Generation Z in America

      May 28, 2023

      Here’s how Waystar Royco ranks in the Fortune 500

      May 28, 2023

      How do I negotiate with an aging parent who resists support?borrow tips from business

      May 28, 2023

      European bonds could help rebuild Ukraine

      May 28, 2023
    • Gadgets

      Meta’s Quest 3 headset could feature a color camera for more realistic pass-through video

      May 28, 2023

      Hitting the Books: Renee Descartes had his best revelations while baked in an oven

      May 28, 2023

      AI will change how Americans find jobs and get promoted

      May 28, 2023

      Will ChatGPT and other generative AI harm the environment?

      May 28, 2023

      Apple’s free My Photo Stream service will end on July 26

      May 27, 2023
    • Tech

      How to Control Amazon Kids+ Content Settings (2023)

      May 28, 2023

      A quest to extract energy from nothing using quantum mechanics

      May 28, 2023

      In memory of GitHub’s offices, a monument to technology culture

      May 28, 2023

      How to send text messages through phone from PC | Wired

      May 28, 2023

      Turtle Beach Stealth Pro Review: Go Anywhere, Play Anything

      May 28, 2023
    • World

      Follow the Poll: 2023 Turkey Election Runoff Poll Results | Election News

      May 28, 2023

      IPL final: Can Gujarat’s Gill ruin Chennai’s Dhoni’s ‘farewell’? | Cricket News

      May 28, 2023

      Tackling poverty starts with accepting the GDP of the poor.opinion

      May 28, 2023

      PHOTOS: Indian police disrupt wrestlers’ march | Protest news

      May 28, 2023

      Al Itihad wins Saudi League, Ronaldo leaves empty-handed | Football News

      May 28, 2023
    • AI

      THINGS TO KNOW THIS WEEK

      May 28, 2023

      AI Helps Find Owner of Necklace Made from Megalodon Teeth Found in Titanic Wreckage

      May 28, 2023

      Is Nvidia the only AI stock worth owning?

      May 28, 2023

      “Indian Popoy”: AI Art Reimagines World Leaders as Gym Companions

      May 28, 2023

      Weekly Preview: Featured Earnings (AI, GME, ZS)

      May 28, 2023
    • Apple

      Chargers & Smartphone Accessories Sale: Up To 70% Off

      May 28, 2023

      This hidden camera detector sells for $39

      May 28, 2023

      How to unblock ESPN+ for free from outside the US

      May 28, 2023

      Here are the answers and tips for May 28th.

      May 27, 2023

      Here are the answers and tips for May 28

      May 27, 2023
    • ChatGPT

      What is a ChatGPT shared link and how does it work?

      May 28, 2023

      I asked ChatGPT about Cardano’s moves in 2023, the response was intriguing

      May 28, 2023

      6 ChatGPT prompts for text analytics

      May 28, 2023

      10 Ways Writers Use ChatGPT

      May 28, 2023

      What Happens When Lawyers Use ChatGPT – The Irish Times

      May 28, 2023
    • Cyber Security

      Coláiste Chu Chulainn Dundalk student Finian to join national cybersecurity team

      May 28, 2023

      World’s Largest Cybersecurity Roadshow Arrives in Oman as Part of Global Tour

      May 28, 2023

      Artificial Intelligence Risks and Benefits in Cybersecurity

      May 28, 2023

      ITU-ARCC and Huawei Jointly Promote Public-Private Cybersecurity Cooperation

      May 28, 2023

      National security agencies conduct cyber defense exercises to thwart Chinese threat | Latest news India

      May 27, 2023
    • Computing

      Cloud Computing Will Add $13.7 Billion to Oman’s GDP Over Next Decade: AWS

      May 28, 2023

      The backbone of modern AI infrastructure

      May 28, 2023

      Quantum computing can help secure the future of AI systems

      May 28, 2023

      21st Century Technology: Fog Computing

      May 28, 2023

      China Announces New Quantum Computing Cloud Platform

      May 28, 2023
    • Science

      Tyrannosaurs Were Extreme Cowards – And We Have The Footage To Prove It

      May 28, 2023

      India can become a world leader in science

      May 28, 2023

      Local students win top prizes, or arts, sciences, and more

      May 28, 2023

      Elon Musk’s Neuralink gets FDA approval for brain implant human study.The company says the Japanese startup failed to land on the moon because of an altitude calculation error

      May 28, 2023

      SCIENCE OF THE WEEK | New Clues About Radio Flashes in Space and More

      May 28, 2023
    Now Tec BlogNow Tec Blog
    Home»Tech News»Facebook had years to fix the loophole that leaked 500 million user data
    Tech News

    Facebook had years to fix the loophole that leaked 500 million user data

    eduardo_alves38By eduardo_alves38April 10, 2021Updated:April 10, 2021No Comments4 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Profile names, more email addresses and phone numbers 500 million Facebook users have circulated publicly online for almost a week. It took Facebook days to finally acknowledge root cause, an issue the company says it fixed in 2019. But now researchers say Facebook had known about similar vulnerabilities years ago, and could have made a much bigger effort to prevent the scratching mass in the first place.

    The problem is Facebook’s “content importer,” a feature that combs a user’s address book to find people they know who also use Facebook. Many social networks and communication apps offer a version of it as a kind of social lubricant. But Facebook’s Contact Importer tool in particular has encountered a number of known issues and supposed fixes over the years.

    “I’m sure other companies are also sweating now. It’s not just Facebook, ”says Inti De Ceukelaire, a Belgian security researcher who reported a vulnerability in Facebook’s contact import feature to the company in 2017.“ But it’s a recurring theme for Facebook that whenever growth is at stake, they will think twice. fix something that benefits the user’s privacy. “

    De Ceukelaire and other researchers had previously alerted Facebook to similar problems. In 2012, Facebook made changes that resulted in the disclosure of phone numbers and email addresses that users themselves had not provided through the import contacts feature. A researcher disclosed the problem to Facebook in 2013; In 2018, the Office of the Privacy Commissioner of Canada and the Office of the Data Protection Commissioner of Ireland investigated the findings.

    “Our office believes that FB did not have appropriate safeguards in place prior to the breach to protect the personal information of users and non-users,” the investigation revealed.

    This incident differs from the more recent controversy on Facebook, in which attackers were able to ‘scratch’ Facebook by listing batches of possible phone numbers from over 100 countries, submitting them to the Contact Importer, and submitting them to the Contact Importer. manipulating it to return names, Facebook IDs and other data users had posted on their profiles. Still, that loophole spoke to the potential of the Contact Importer tool to access sensitive data and the need to carefully look for bugs and unintended behaviors in the feature.

    De Ceukelaire’s research in 2017 is much more directly related to the methods used by attackers to extract the recent and massive dataset. “I discovered that it was relatively easy to reveal private phone numbers on Facebook, discovering certain phone numbers of Belgian celebrities and politicians,” De Ceukelaire wrote in February 2017. “Even if this trick seems to work only in small countries like Belgium (+/- 11.2 million people), a significant number of people are affected by this simple but effective privacy breach.”

    De Ceukelaire had found a manual and somewhat limited, but still effective way to list phone numbers and extract their corresponding user information from Facebook through the import contacts feature. He submitted the results to Facebook’s bug bounty program, but in communications reviewed by WIRED, the company said the issue was ineligible for payment.

    “I think they are probably very aware that they could face a significant responsibility.”

    Ashkan Soltani, Former FTC Chief Technologist

    The researcher had, however, raised two crucial points. First, attackers may well be looking for more powerful and efficient ways to abuse the contact import feature through phone number enumeration attacks. Facebook told De Ceukelaire at the time that it could revise its rate limits – the maximum number of submissions one can make – for the contact import feature, but that it does not consider the problem. like a vulnerability. De Ceukelaire further reported that users might not understand that the privacy controls they set for their Facebook profile information could be undermined by another Facebook privacy setting called “Who can search me.”

    Facebook allows you to set your phone number and email address as visible to “Me only”. But it also has an entirely separate setting, called ‘Who can search me’, which determines whether someone can find you on Facebook using your phone number or email address through the import tool. contacts. Even if your phone number is set to “Me only” in your profile, it can still be set to “Anyone” under “Who can search for me”. In that case, if someone guessed your phone number, they could link it to your other public Facebook information.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    eduardo_alves38
    • Website

    Related Posts

    How to Control Amazon Kids+ Content Settings (2023)

    May 28, 2023

    A quest to extract energy from nothing using quantum mechanics

    May 28, 2023

    In memory of GitHub’s offices, a monument to technology culture

    May 28, 2023
    Add A Comment

    Leave A Reply Cancel Reply

    Editors Picks

    What is a ChatGPT shared link and how does it work?

    May 28, 2023

    I asked ChatGPT about Cardano’s moves in 2023, the response was intriguing

    May 28, 2023

    6 ChatGPT prompts for text analytics

    May 28, 2023

    10 Ways Writers Use ChatGPT

    May 28, 2023
    Top Reviews
    Advertisement
    Demo
    Now Tec Blog
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • About us
    • DMCA
    • Privacy Policy
    © 2023 nowtecblog. Designed by nowtecblog.

    Type above and press Enter to search. Press Esc to cancel.