Flaw in Facebook App Allows Account Hijacking{4}

In an article found in PC magazine online. They say that there is a flaw in the iPhone Facebook app that can potentially allow a hacker or mischievous individual access to ones Facebook account. They find that the credentials to such accounts are stored in the plist or program list file within the app in regular text. Security researcher Gareth Wright found the flaw and was notified Facebook of this issue. They are working on a fix but they say that this security flaw is most apparent on a “jail-broken” device. Facebook developers responded by saying that the security of the application is compromised when the user modifies the OS and could potentially allow malicious attacks and software cause information theft and damage. Gareth Wright also says that the Facebook app is also used in different apps as a means of authenticating user information from their Facebook account. He also talks how someone who can create malicious software to extract data whenever such devices are plugged in and allow for such viruses to steal information from the handset. So he says to be careful when plugging in your device to any shared/public computer and public docking and charging stations.

I feel that now that everything we do in cyberspace we have to have various accounts keeping our information for authentication. As with social media, everyone i believe shares a lot of data and information about themselves over cyberspace and with smartphones on the rise a lot of people are using social apps or other apps that contain their information as well. Having security flaws like the one found on the Facebook app keeps me uneasy. knowing that there is a flaw that could allow someone to take my account information and use it for wrong. Some social apps that I have seen use Facebook account authentication and use my account to make another account and use their services using my Facebook account information. knowing that the flaw can extend to other accounts that I makes me think twice about what I’m logging into and where I physically connect my device up to. I hope the developers at Facebook fix this issue soon.



Hachman, M. (2012, April 05). Facebook app flaw makes hijacking your account a snap. Retrieved from http://www.pcmag.com/article2/0,2817,2402653,00.asp