Identity theft is a major concern for internet companies and users alike. The dangers are even greater for social networks such as Facebook because of the amount of personal data that users tend to put online.
After a software engineer found a way to mine personal data through mobile phone numbers, members of the biggest social network are being urged to check their privacy settings.
Search function to blame
Reza Moaiandin, the software engineer responsible for flagging the new exploit, explained that he was able to find the names, locations, and profile pictures of users simply by entering their phone number into the network’s search function.
The setting has a default of “Everyone”, which means that any Facebook user can find another one even if their phone number isn’t publicly visible on their own public profile.
Fortunately, this setting can be changed manually to protect security.
Guess the number
The problem is even more dangerous because the phone number doesn’t need to be known in advance.
By using a simple algorithm that generates thousands of possible mobile numbers, Moaiandin ran the results through a widely available Facebook application programming interface (API) to discover which ones made “hits” to user accounts.
“This could be a huge phishing problem if no limit is created, and the loophole is discovered by the wrong person,” Moaiandin explained on his blog.
Although Moaiandin reported the issue to Facebook twice so far this year, the company said it did not think the matter constituted a security vulnerability.
“Everyone who uses Facebook has control of the information they share,” a spokesperson for the company commented, adding that developers can only access information that “people have chosen to make public.”
- 33 Places to Hangout in the Social Networking Era 12 years ago
- YouTube – The Complete Profile 12 years ago
- Top 25 Web Apps for iPhone 11 years ago
- SimilarSites.com Find, Well, Similar Sites 9 years ago
- 10 Most Successful Web 2.0 Startups To Date 11 years ago
- 9 Great Ways to Make Mind Maps and Flow Charts Online 11 years ago
- Google’s OpenSocial to Debut Thursday, APIs for All 11 years ago
- Stormpulse Works In The Clouds 10 years ago
- Opinion/Analysis: Books? What Books? 11 years ago
- Study reveals best time to receive maximum likes and comments on Facebook 3 years ago