Potential Facebook App Permissions Flaw: 5 Fast Facts You Need to Know

Facebook security flaw, Facebook app permissions flaw, Facebook app hackers, Facebook privacy threat

(Getty)

The Next Web is reporting that a possible flaw with Facebook could pose a risk to your data. Sources say that the flaw prevents people from changing their permission settings for mobile apps on a mobile device. Here’s what we know so far about this developing story…


1. A Startup Reported the Flaw

A startup called MyPermissions brought the flaw to the attention of The Next Web. MyPermissions CEO Olivier Amar says his company also submitted the flaw to Facebook’s White Hat program.

MyPermissions has a blog entry about the alleged Facebook flaw on its official site.


2. Facebook Is Investigating

When The Next Web reached out to Facebook for a quote, the company declined to comment. According to information on The Next Web:

“We have also contacted Facebook for more information but the company declined to comment as the issue is currently under investigation. Facebook dill [sic] tell us, however, that it hasn’t been able to reproduce the behavior yet and is in contact with MyPermissions to investigate the claims.”


3. Hackers Could Exploit This Flaw

The alleged Facebook app permissions flaw could potentially allow hackers access to prevent users from revoking app permissions on mobile. As the MyPermissions team explained on their blog entry:

“Think about it like this: you download an app that promises to do one thing, but actually comes from a hacker who wants to seriously invade your privacy by mining your data. Given the right coding, this developer could trigger the same effect, basically making it impossible for a user to disconnect this malware app and revoke its permission to access your personal information.”

Facebook is often a target for hackers. Earlier this week, Facebook players of the popular game Candy Crush Saga were targeted by malware.


4. A Large Number of Mobile Facebook Users Could Be Affected

According to a recent article on TechCrunch, nearly half of the people who use Facebook on a daily basis do so exclusively from their smartphones. That means that if this mobile app permissions flaw is as bad as some experts believe, a huge portion of Facebook’s users could be at risk. Given what a cash cow Facebook’s mobile advertising has been, any loss of user confidence among Facebook’s mobile users could hurt the company’s bottom line.


5. Finding This Flaw Could Result in a Payday

On a happier note, the people who brought this potential flaw to Facebook’s attention might be eligible for a big, fat check. Facebook recently paid $33,500 as a bug bounty to Reginaldo Silva, a computer engineer in Brazil. According to PC World, the bug Silva found was related to Open ID.