WARNING: Facebook Mobile for iOS and Android allows easy access to your login information

A Facebook security hole on iOS and Android could allow your Facebook to be hacked.

@tracehagan
Published Thu, Apr 5 2012 4:29 PM CDT   |   Updated Tue, Nov 3 2020 12:29 PM CST

Once again, I get to be the bearer of bad news just to keep you, our reader, safe. Facebook's Mobile app for iOS and Android store your login information in a plaintext file that doesn't expire until the year 4001. The Facebook .plist file where your login data is stored could easily be swiped by a USB connection or via malicious apps.

WARNING: Facebook Mobile for iOS and Android allows easy access to your login information | TweakTown.com

Gareth Wright, a U.K.-based app developer for Android and iOS, is the discoverer of this bug. He discovered it after poking around in the application directories using the free tool iexplorer. He first found a plaintext Facebook Access token that was stored by DrawSomething and was able to query all of his data.

He then took a look at Facebook's directory where he found the .plist in question. He passed this file over to his friend and fellow blogger who, in the next few minutes, started posting status updates, sending private messages, and even liking websites. In other words, he had full control over the account.

Facebook is currently working on a fix, but there is no ETA. Additionally, other apps who use Facebook Access Tokens need to encrypt those as well. This is just another reason to be careful when selecting apps or plugging your device into a shared PC. Getting Facebook "jacked" just became real.

NEWS SOURCE:zdnet.com

Trace is a starving college student studying Computer Science. He has a love of the English language and an addiction for new technology and speculation. When he's not writing, studying, or going to class, he can be found on the soccer pitch, both playing and coaching, or on the mountain snowboarding.

Newsletter Subscription

Related Tags

Newsletter Subscription
Latest News
View More News
Latest Reviews
View More Reviews
Latest Articles
View More Articles