Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Bug Could Give Spammers Names, Photos

Posted by timothy on from the who-am-I-again? dept.

angry tapir writes with this excerpt from an IDG report: "Facebook is scrambling to fix a bug in its website that could be misused by spammers to harvest user names and photographs. It turns out that if someone enters the e-mail address of a Facebook user along with the wrong password, Facebook returns a special 'Please re-enter your password' page, which includes the Facebook photo and full name of the person associated with the address. A spammer with an e-mail list could write a script that enters the e-mail addresses into Facebook and then logs the real names. This could help make a phishing attack more realistic."

3 of 145 comments (clear)

  1. Re:*Smack Face* by blai · · Score: 0, Offtopic

    no -____-
    Peter and I didn't work for Slashcode.

    --
    In soviet Russia, God creates you!
  2. Re:This flaw is no longer available by duplicate-nickname · · Score: 1, Offtopic

    +1...if I could.

    Again Slashdot delivers slow, out-of-date news.

    --

    ÕÕ

  3. Mark Zuckerburg Doesn't Really Care by CodeBuster · · Score: 0, Offtopic

    Facebook doesn't care about users' privacy. Mark Zuckerburg has already said as much and his opinions on privacy are well known and oft repeated points of public controversy. It follows then that he doesn't much care for security either. In fact, it is likely that Mark is more concerned about competitors and would be rivals getting their hands on "his" data and beating him to the advertising punch than he is about the potential consequences for his users. This episode really shouldn't surprise anyone here on Slashdot because it fits neatly within the careless corporate culture of Facebook and their wanton disrespect for users or, as Zuckerberg has called them in the past, "dumbasses".