Technology
Bug in Facebook Messenger exposed users' data
San Francisco, March 8
As Facebook CEO Mark Zuckerberg discussed making his platform more secure, a bug in Facebook Messenger allowed websites to gain access to users' data, including who they have been chatting with, say researchers.
Now fixed by Facebook, the vulnerability in the web version of Messenger allowed any website to expose who you have been messaging, revealed Ron Masas, the researcher with cybersecurity company Imperva, in a blog post late on Thursday.
The researcher reported the vulnerability to Facebook under their responsible disclosure programme and the social media platform mitigated the issue.
In November 2018, Mass and his team discovered a Facebook bug that allowed websites to extract data from users' profiles via cross-site frame leakage (CSFL) which is known as a side-channel attack performed on an end user's web browser.
"Browser-based side-channel attacks are still an overlooked subject. While big players like Facebook and Google are catching up, most of the industry is still unaware," wrote Masas.
Facebook Messenger has over 1.3 billion users globally.
Zuckerberg on Thursday said he is working to make Facebook "privacy-focused" like WhatsApp.
The "privacy-focused platform" will be built around principles like private interactions, encryption, reducing permanence, safety and interoperability.
Now fixed by Facebook, the vulnerability in the web version of Messenger allowed any website to expose who you have been messaging, revealed Ron Masas, the researcher with cybersecurity company Imperva, in a blog post late on Thursday.
The researcher reported the vulnerability to Facebook under their responsible disclosure programme and the social media platform mitigated the issue.
In November 2018, Mass and his team discovered a Facebook bug that allowed websites to extract data from users' profiles via cross-site frame leakage (CSFL) which is known as a side-channel attack performed on an end user's web browser.
"Browser-based side-channel attacks are still an overlooked subject. While big players like Facebook and Google are catching up, most of the industry is still unaware," wrote Masas.
Facebook Messenger has over 1.3 billion users globally.
Zuckerberg on Thursday said he is working to make Facebook "privacy-focused" like WhatsApp.
The "privacy-focused platform" will be built around principles like private interactions, encryption, reducing permanence, safety and interoperability.
57 minutes ago
Probe in MUDA case required, beneficiary wife of petitioner, says HC on CM Siddaramaiah's plea
1 hour ago
Evidence grows to show air pollution can raise Parkinson’s risk
1 hour ago
Rashami Desai flaunts her ‘desi’ look as Navratri gets closer
1 hour ago
Karan Johar, Kapil Sharma get candid about their sleepless nights
1 hour ago
Janhvi poses with ’best team ever’ after wrapping up ‘Sunny Sanskari…’ schedule in Udaipur
1 hour ago
Sudheer Babu's new poster from 'Jatadhara' out: 'Blends rich mythological beliefs with scientific facts'
1 hour ago
Kabir Khan says filmmaking is a journey of connections
1 hour ago
Raj Thackeray’s unexpected visit to Salman Khan’s home sparks curiosity
1 hour ago
Farah Khan appoints a new cameraman for shooting her reels
1 hour ago
RG Kar tragedy: CPI(M) creates cell to legally assist women protesters facing police harassment
1 hour ago
Kerala HC rejects Siddique's bail plea, actor goes missing
1 hour ago
CPI-M MLA Mukesh arrested after questioning in former actress sexual abuse case, let off
1 hour ago
Democracy was also European concept: P Chidambaram flays TN Guv for ‘secularism not Indian’ quip