1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Why You Shouldn't Share Links on Facebook

Discussion in 'BlackHat Lounge' started by The Scarlet Pimp, Jun 14, 2016.

  1. The Scarlet Pimp

    The Scarlet Pimp Senior Member

    Joined:
    Apr 2, 2008
    Messages:
    875
    Likes Received:
    3,294
    Occupation:
    Chair moistener.
    Location:
    Cyberspace
    Last week, security researcher Inti De Ceukelaire revealed a shocking hole in Facebook's Messenger system that allows anyone to read links you privately send your friends. What's worse, the flaw isn't a bug, but an intentional feature that Facebook has no plans to fix.

    De Ceukelaire was able to find these privately-shared links using the Facebook crawler tool. Indeed, anyone who can make API calls to Facebook's database can access this info. Even though this seems like a potentially huge privacy breach, your information is probably safe.

    Most of the people who have access to this data are app developers, and as PC Mag points out, Facebook would probably notice any kind of massive data dump taking place and ban that person's access to its APIs.

    Still, the ease with which De Ceukelaire was able to find users' private information embedded in URLs is disturbing.

    "While you may only share links to funny cat videos with your friends, you should still be worried about this exploit," he wrote. "Sometimes, sensitive information (personal data, secret keys,...) are included in links without you even noticing."

    Some of the private info he was able to glean: names, pictures, location, language and application data. And when he reported the apparent flaw to Facebook, the site responded by telling him that he had found "publically-documented and intentional behavior."

    You probably didn't need another reminder, but this is a good one if you did: don't share your private information anywhere -- even in a "private" message -- on Facebook.

    http://facecrooks.com/Internet-Safe...Private-Links-You-Share-On-Its-Platform.html/
     
    • Thanks Thanks x 1
  2. Capo Dei Capi

    Capo Dei Capi BANNED BANNED

    Joined:
    Oct 23, 2014
    Messages:
    754
    Likes Received:
    1,732
    So what if someone has tens of thousands of apps slowly collecting information? If its diversified enough and slow enough it could fly under facebook's radar.
     
    Last edited: Jun 14, 2016
  3. Henry04

    Henry04 BANNED BANNED

    Joined:
    Jul 7, 2010
    Messages:
    253
    Likes Received:
    32
    Can you get the links of specific persons or only random ones?
     
  4. trafficsource

    trafficsource Power Member

    Joined:
    May 22, 2009
    Messages:
    798
    Likes Received:
    1,156
    Occupation:
    IM
    Location:
    Baltic States
    all kind of different security holes lately. no matter if it's a small site or many other biggers...linkedin, myspace, adobe, vk, tumblr, nulled etc.
     
  5. tahajawed

    tahajawed Jr. VIP Jr. VIP

    Joined:
    Oct 21, 2014
    Messages:
    375
    Likes Received:
    37
    The reason for hating Messenger keeps increasing every day. And it's quite suspicious how hard FB tries to shove it down your throat.
     
  6. Capo Dei Capi

    Capo Dei Capi BANNED BANNED

    Joined:
    Oct 23, 2014
    Messages:
    754
    Likes Received:
    1,732
    You can disable messenger, i did it a few months ago on mine.