Last year, Imperva's research that was being conducted into Facebook’s platform revealed that there was a major security flaw. The bug basically made it possible for websites to extract personal information from the profiles of various users from the platform. This is referred to as Cross Site Frame Leakage, or CSFL for short. Fast forward in 2019, Imperva team again discovered another privacy flaw. What this does in this particular instance is that it gives websites the ability to see who you are talking to on Facebook messenger, a serious breach of privacy that does not bode well for the social media platform.
Through the use of flaws in iFrame as well as Facebook’s own overall platform, websites could primarily gain two fields of data from their inquiries. One field of data would state that a user had not communicated with another user, and the other field would confirm that they actually had been talking to them. This is the latest in a long line of security issues that Facebook has been facing, and while the platform has consistently been attempting to mend things as quickly as possible, new problems are arising pretty much as quickly as Facebook is able to fix them.
Read Next: Mark Zuckerberg Wants To Revamp Messaging Platforms - For A Privacy-Focused Future
Featured photo: AP
Through the use of flaws in iFrame as well as Facebook’s own overall platform, websites could primarily gain two fields of data from their inquiries. One field of data would state that a user had not communicated with another user, and the other field would confirm that they actually had been talking to them. This is the latest in a long line of security issues that Facebook has been facing, and while the platform has consistently been attempting to mend things as quickly as possible, new problems are arising pretty much as quickly as Facebook is able to fix them.
"Browser-based side-channel attacks are still an overlooked subject, while big players like Facebook and Google are catching up, most of the industry is still unaware.", explained Ron Masas.Facebook is taking steps to fix this particular issue, but for a lot of people it will feel like the damage has already been done. The fact that Facebook new of this bug since November and only acted when something truly drastic ended up occurring is quite concerning as well, and it shows that the social media platform is still not taking things as seriously as it needs to.
Read Next: Mark Zuckerberg Wants To Revamp Messaging Platforms - For A Privacy-Focused Future
Featured photo: AP