Researchers: Facebook vulnerable to clickjacking

Elinor Mills CNET News | January 19, 2010 4:47 AM PST

Summary

Facebook is susceptible to certain types of attacks that could allow someone to hijack an account while a user is interacting with another website, a security researcher warned on Monday.

Researcher Nitesh Dhanjani also warned that a design flaw in Facebook is granting third-party apps permission to access user profile data without express approval from users.

Facebook used to display a pop-up window when users added any third-party app, warning them that doing so would authorize the app to access user profile information. That warning gave users a chance to change their mind before adding the app. But a policy change has meant some apps can now choose to use a new implicit authorization feature that does not warn users that a third-party app is trying to request their data, Dhanjani said.

For more, read "Researchers: Facebook vulnerable to clickjacking" on CNET News.
