Iceman
06-05-2010, 12:26 PM
FACEBOOK was forced to take its chat system offline after users found a way to spy on friends' personal information.
The security flaw meant users could view other people's private live chats and pending friend requests.
It was flagged up by a technology blogger who said he achieved the feat with "a few mouse clicks".
A spokeswoman for the social networking site said that engineers acted "promptly" to fix the bug yesterday afternoon.
She said users would have been performing a specific action with their privacy setting to be exposed and that hackers could only see pending friend requests — they could not accept them.
Blogger for TechCrunch, Steve O'Hear, wrote about the security breach yesterday.
He said: "There is a major security flaw in the social networking site that, with just a few mouse clicks, enables any user to view the live chats of their friends.
"Using what sounds like a simple trick, a user can also access their friends' latest pending friend requests and which friends they share in common.
"That's a lot of potentially sensitive information."
A spokeswoman for Facebook said: "For a limited period of time, a bug permitted some users' chat messages and pending friend requests to be made visible to their friends by manipulating the 'preview my profile' feature of Facebook privacy settings.
"When we received reports of the problem, our engineers promptly diagnosed it and temporarily disabled the chat function."
The security flaw meant users could view other people's private live chats and pending friend requests.
It was flagged up by a technology blogger who said he achieved the feat with "a few mouse clicks".
A spokeswoman for the social networking site said that engineers acted "promptly" to fix the bug yesterday afternoon.
She said users would have been performing a specific action with their privacy setting to be exposed and that hackers could only see pending friend requests — they could not accept them.
Blogger for TechCrunch, Steve O'Hear, wrote about the security breach yesterday.
He said: "There is a major security flaw in the social networking site that, with just a few mouse clicks, enables any user to view the live chats of their friends.
"Using what sounds like a simple trick, a user can also access their friends' latest pending friend requests and which friends they share in common.
"That's a lot of potentially sensitive information."
A spokeswoman for Facebook said: "For a limited period of time, a bug permitted some users' chat messages and pending friend requests to be made visible to their friends by manipulating the 'preview my profile' feature of Facebook privacy settings.
"When we received reports of the problem, our engineers promptly diagnosed it and temporarily disabled the chat function."