Log in

29 November 2011 @ 11:16 am
Flaw Discovered in Facebook Account Security  
Even after leaving Facebook.com, a serious flaw in Facebook account security permits any web site to post and "Like" a page without the user's knowledge or permission. Simple JavaScript code that is freely accessible, placed on any internet page, will instantly "Like" a URL and post about it on Facebook Users' walls with out their permission or understanding. A recent test of this JavaScript code revealed the code was in a position to auto "Like" and successfully post on more than 30 percent of the users' Facebook walls without their understanding or permission. This is a serious safety flaw in Facebook's safety that should be fixed.

Picture visiting your Facebook account, viewing your Facebook Timeline, making a few posts in your Facebook wall, updating your status. Then you leave Facebook.com, without logging out of Facebook, and go to a couple of other web sites. You know, the usual daily routine. For a lot of, it's easier to just leave Facebook.com and visit other websites with out logging out of one's Facebook account. Whenever you go back to Facebook.com, you are already logged in--you do not to kind your Facebook user Id and password again. You are able to go right to your Facebook timeline, to see all of the updates from your Facebook buddies.

That is exactly where this Facebook security flaw comes into play. Devious web website owners (some technically call them "Black Hat" webmasters) are taking advantage of Facebook customers. By putting in simple JavaScript code on their internet site, webmasters are able to "fake" a click on a hidden Facebook "Like" button on their site. And then they post on your Facebook Wall about it, which promotes their URL or web site to all of your Facebook Friends. And you by no means see the click or the Facebook "Like", and also you most likely will not see which you posted about their internet website on your Facebook Standing unless of course you go to Facebook.com and view your Facebook Wall. Most Facebook users will by no means understand that they're promoting internet sites that they recently visited unless of course someone tells them about it--because Facebook is designed inside a way for us to determine all of our friends' updates on our timeline. It takes a separate click on the Facebook site to view your personal Facebook Status updates.

What's disturbing here will be the reality that whenever you go to a website. Not only will you "Like" a URL of the web website owner's choosing, the net site will also instantly post on your Facebook Wall without you even understanding it. If you're logged into your Facebook account, even though you're NOT on Facebook.com, any website can instantly post on your Facebook Wall without your knowledge. This is a severe Facebook safety flaw that Facebook requirements to deal with correct away.

At this point, there is truly only one way which you personally can stop web websites from automatically posting and auto "Liking" when you visit their web website. Whenever you visit Facebook.com you should log in--and when you leave Facebook.com, you should log out. As lengthy at you are technically logged out of Facebook.com, there is no way that a devious web site owner can force you to automatically "like" their internet site--and they can't instantly post on your Facebook Wall.