Security Hole Found in Facebook App For Android and iOs

1
According to a Developer Gareth Wright there is a flaw in Facebook App for Android and iOs. Both versions of the app encrypts users’ personal information, which makes it easy to steal identity for hackers. According to PC World’s report, all it would take to exploit the unencrypted data is “a rogue application” or “two minutes with a USB cable.” Facebook has responded that this issue only applies to compromised or jailbroken devices.

“Facebook’s iOS and Android applications are only intended for use with the manufacture provided operating system, and access tokens are only vulnerable if they have modified their mobile OS (i.e. jailbroken iOS or modded Android) or have granted a malicious actor access to the physical device,” a Facebook spokesperson said in a statement. “We develop and test our application on an unmodified version of mobile operating systems and rely on the native protections as a foundation for development, deployment and security, all of which is compromised on a jailbroken device. As Apple states, ‘unauthorized modification of iOS could allow hackers to steal personal information … or introduce malware or viruses.’ To protect themselves we recommend all users abstain from modifying their mobile OS to prevent any application instability or security issues.”

Wright mentioned that he contacted Facebook regarding the issue and has apparently received word that a fix is in the works.

Source: Wright Blog
Via: PCWorld
Previous articleSamsung Filed New Trademarks for New Galaxies: Galaxy Lift, Sire, & Perx
Next articleHTC profit dips in Q1 2012 But Sales Are Rising
Hi, I am an avid Android fan since its release. Later, I decided to merge my interests in writing and opened up GoAndroid Blog. I love to surf, write, read about new things.

1 COMMENT

  1. “Both versions of the app encrypts users’ personal information, which makes it easy to steal identity for hackers.” 

    There’s something missing in that sentence…

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.