Facebook hands over $10,000 to a guy who helped them out

Laxman discovered a security vulnerability on Facebook.

“The vulnerable part is, it just checks the owner of the access token and not the application which is making the request. So it allows any application with user_photos permission to read your mobile photos.”

The vulnerability allows a user to see the photos you have kept private on your mobile device. Laxman reported this vulnerability and explained how he got there. Facebook responded by rewarding him with $10,000 and putting him on a whitelist. It pays to know a thing or two about computer security.
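The check described in the quote can be modeled as follows. This is an added example, not Facebook's code or the researcher's; the token and album structures, the application names and the user ids are constructed assumptions, and only the `user_photos` permission name comes from the quote. It places an owner-only authorization check beside one that also binds access to the requesting application.

```python
from dataclasses import dataclass

# Constructed identifiers for illustration; not Facebook's real values.
FIRST_PARTY_APP = "first-party-mobile-app"
THIRD_PARTY_APP = "third-party-quiz-app"


@dataclass(frozen=True)
class AccessToken:
    user_id: str          # the user who granted the token
    app_id: str           # the application the token was issued to
    scopes: frozenset     # permissions the user granted to that application


@dataclass(frozen=True)
class PhotoAlbum:
    owner_id: str
    required_scope: str
    allowed_apps: frozenset   # applications permitted to read this album


def can_read_owner_only(token: AccessToken, album: PhotoAlbum) -> bool:
    """Flawed check: looks at the token's owner and scope, never at the app."""
    return (token.user_id == album.owner_id
            and album.required_scope in token.scopes)


def can_read_app_bound(token: AccessToken, album: PhotoAlbum) -> bool:
    """Hardened check: the requesting application must also be allowed."""
    return (can_read_owner_only(token, album)
            and token.app_id in album.allowed_apps)


# Constructed sample data: one private synced-photos album and three tokens.
SYNCED_PHOTOS = PhotoAlbum("user-1", "user_photos", frozenset({FIRST_PARTY_APP}))
FIRST_PARTY_TOKEN = AccessToken("user-1", FIRST_PARTY_APP, frozenset({"user_photos"}))
THIRD_PARTY_TOKEN = AccessToken("user-1", THIRD_PARTY_APP, frozenset({"user_photos"}))
OTHER_USER_TOKEN = AccessToken("user-2", FIRST_PARTY_APP, frozenset({"user_photos"}))


def decisions(check):
    """Return the allow/deny decision of `check` for each sample token."""
    return {
        "first_party": check(FIRST_PARTY_TOKEN, SYNCED_PHOTOS),
        "third_party": check(THIRD_PARTY_TOKEN, SYNCED_PHOTOS),
        "other_user": check(OTHER_USER_TOKEN, SYNCED_PHOTOS),
    }
```

Both checks reject a token belonging to a different user; only the app-bound check also rejects the same user's token when it was issued to an application that is not on the album's allow list.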

http://www.7xter.com/2015/03/how-i-exposed-your-private-photos.html
