Recently in Vulnerability Category

Facebook Privacy Vulnerability

By Edward Bellamy on October 8, 2010 9:21 PM | | Comments (2) | TrackBacks (0)

Today I found a Facebook privacy vulnerability affecting dates of birth. The scenario:

  • The Facebook user hides their date of birth from view
  • When today’s birthdays are viewed, those who choose to publish their year of birth have their age displayed. Those who have opted to hide their year of birth in their privacy settings do not have their age published. ( http://www.facebook.com/?sk=bd )

However…

  • When viewed via the Facebook mobile site, their age is published ( http://m.facebook.com/birthdays.php )

Obviously from this, the individual’s date of birth can be easily calculated.

UPDATE: I have of course notified Facebook of this privacy flaw.

« Technical: Web Server | Main Index | Archives

Search

About this Archive

This page is a archive of recent entries in the Vulnerability category.

Technical: Web Server is the previous category.

Find recent content on the main index or look in the archives to find all content.

Categories

Vulnerability: Monthly Archives

Latest Twitter Updates

    follow me on Twitter