Having an estimated 1 billion users and worth over $50 billion, Facebook is seen as the advent of the digital era, a social network that didn’t only bring people across the globe together, but that has also radically changed the way we communicate. If you were to listen to the mainstream media, you might be tempted to believe that without Zuckerberg’s innovative idea, mankind would have still used the Morse code and smoke signals to communicate.
To support the idea that Facebook brought us this incredible technological gift, you’ll hear all sorts of mushy stories about soldiers who can now talk to their loved ones at home or how a family of kittens got pulled out of the murky river because one kind fellow shared a picture of them drowning. However, if you think about it for a second, you’ll realize that social networks are as old as the internet and Facebook doesn’t bring anything new to the picture safe for the neat interface.
Because not many people can or dare to pierce the veil, Facebook has constantly tested the waters and ended up doing numerous things users don’t agree with. It’s too bad most users don’t learn about them until it’s too late.
Facebook security vulnerability 1: The DYI tool
One of their latest chary activities is a security bug discovered last month, a vulnerability that revealed personal information – email or phone number – to the other users regardless of whether the account owner wanted to share that data with his (entire or partial) contact list. The discovery was made by an independent entity that was participating in the famous bug hunt, namely Facebook’s White Hat Program.
As the social network’s representatives stated, all you needed is some sort of info regarding a person with a Facebook profile and, with the help of the Download Your Info tool, you too can learn his/her sensitive data. Despite the reassurance conferred by FB’s team that the bug was fixed on the same day as it was discovered, sources suggest that over 6 million users could have been affected.
Since most users were wary of their claims, Facebook tried to comfort users who shared sensitive data by saying that this info was downloaded once or twice via the DYI tool. Moreover, the tool was only employed by users and never by advertisers or developers, so by the end of June earlier this year, everything was forgiven and forgotten.
Facebook security vulnerability 2: The Symantec case
Unfortunately for Facebook users, things are not that simple. At the beginning of July, well-established antivirus developer Symantec has pointed out that the security vulnerability has a lot more ramifications than Facebook’s reps are willing to admit. In a press release issued last month, Symantec stated that simply launching the FB app on Android devices will send your phone number to the social network’s servers. Moreover, this process is automatic and the data is transmitted irrespective of whether you have an account, logged in or have initiate any specific action. Considering that the app has over 7.5 million downloads on Google Play, it is easy to understand why this is a serious issue.
And yet, it’s not Facebook’s fault!
In case you didn’t know, if you agree to install the application and hence you allow it to access the necessary permissions, then you technically agree to freely disclose this information. In fact, if you were to uninstall FB app and re-install it, you’ll see this fact spelled out in simple and clear terms. Therefore, since you must confirm that you accept sharing your phone number before downloading the app, Facebook is not legally responsible.
In regards to the users who had the Facebook app pre-installed on their devices, they have been provided with the full set of policies and permissions when first launching the app. In the event that you don’t remember agreeing to such nonsense but want to verify, then you should check your phone setting to see what data is being collected. Alternatively, search for the app on Google Play to re-read the necessary permissions.
Even though Mark Zuckerberg & Co. will not face a lawsuit due to the latest security vulnerability revealed, it doesn’t really excuse them from what they did. In order to prevent this type of unpleasant situations in the future, you should be more careful when reading the permissions and understand them in full before agreeing to them.
As for me, I can’t protect my email in such cases but at least I didn’t offer my phone number when Facebook asks me to. Well, that’s some consolation at least!