Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
Didn’t a similar thing happen a while ago where you could do view as and read that persons messages?
-
2erXre524956yok, that is bad timing, I am currently in the 2 week cool down time after clicking on "delete my account"...
-
The vulnerability was that Facebook has a feature called "View-as". Which, as the name suggests, allows you to view a person's profile as that person or any other person. While this is harmless in theory, things can get super messy if you don't have a good set of security rules, as with anything.
-
The access tokens were public due to a Facebook bug. Those tokens make that you don't have to re-login on your account everywhere all the goddamn time.
Related Rants
So, anybody aware of this? Does anybody know what the vulnerability is?
rant
nice
facebook hacked