Facebook Bug Could Be Used to Harvest Names, Photos

Thursday Aug 12th 2010 by Kara Reeder
Share:

Facebook feature could be abused by spammers to gather information on users.

Computerworld reports that a new Facebook bug could be used by spammers to harvest user names and photographs.

Apparently, entering the e-mail address of a Facebook user with the wrong password returns a special "Please re-enter your password" page. This page shows the Facebook photo and full name of the person associated with the address. The feature is supposed to help people figure out if they've mistyped their e-mail address at login. However, it could be abused by spammers to gather information on Facebook users.

Researcher Atul Agarwal says the feature could be used by someone to generate random e-mail addresses, who could then check to see if they really worked.

Facebook places the blame on a recently introduced bug:

We have technical systems in place to prevent people's names and photos from showing to unrelated users upon login, but a recently introduced bug temporarily prevented these from working as intended ... We are already working on a fix and expect to remedy the situation shortly.

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved