Facebook plugs email address indexing bug2010-06-04 11:41 by DanielaTags: Facebook, security
Incident-prone social network monolith Facebook has plugged yet another security leak, this time involving the indexing by search engines of email addresses not listed on Facebook. Thousands of email addresses submitted using Facebook's "Find a friend" feature that were not tied to a Facebook account wound up getting indexed by Google, according to Blogger Cory Watilo, who was among those affected. "One obvious problem is that spammers can easily scrape this data and add easily legitimate address to their lists, many of whom might not give their addresses to Facebook for a reason," Watilo writes. The issue sparked a lively discussion thread on Hacker News. Facebook changed its robot.txt file to prevent the search engine from indexing the relevant "opt out of emails from Facebook" page so that email address data can no longer be harvested by spammers or other miscreants. Read more -here-
Post your review/comments
rate:
avg:
|