Friday, April 23, 2010

Facebook Security Bug

I have the Verizon Wireless BlackBerry Storm. I use the BB Facebook App.
My info is as follows:

BlackBerry Storm 9530
OS: 5.0.0.328 (Platform 4.2.0.128)

Research In Motion Limited (RIM)
Facebook
Version: 1.7.0.22


While attempting to check my 13-year-old's Facebook account from my phone, I discovered that when I sign into the new account, the main page is all of the new information; however, when I select the mail portion of the BlackBerry Facebook app, I notice that it is all my mail from the prior logon information.

Which means, if a friend ever asks you to use your BB Storm to check out their Facebook account, they will be reading your mail, since it never switches over to their mail. This is a nice security bug find if you ask me. What do you think? Should you be concerned or not? Of course, I guess it all depends on how one would use this information. Maybe to:

  • catch a cheating spouse
  • monitor what your kids are doing
  • social engineering from coworkers


In any case, I've sent RIM an email and I am still awaiting their response to the security find. I will post once I get a response from either RIM or Facebook.

With CNN.com reporting today that Facebook may "integrate Facebook" features and make mobile apps more useful at the Facebook annual F8 conference today, this blogger can only hope that the leading Social App market consumer will get tighter with the developers when it comes to security.

A lot of BlackBerry users are using enterprise messaging servers with corporate email accounts. I've seen reports that the BlackBerry Storm also has been plagued by spyware.

Just yesterday I installed the upgraded Twitter App called "UberTwitter", and the application by default wanted to take or have full control over my phone for very little reason. Now, as a tech guy, I understood what was going on, but for your typical non-technical user, I am sure the defaults would have been selected just to get over the installation tasks. There wasn't a single warning, only very limited instructions on what permissions were needed. Kind of takes me back to the early days of shareware programs on the PC.



BlackBerry Facebook App: http://www.blackberry.com/facebook

CNN: http://scitech.blogs.cnn.com/2010/04/21/coming-soon-more-news-from-facebook/

UberTwitter: http://www.ubertwitter.com/
