Facebook Connect’s Security Breach

by Ankit on July 17, 2011

You will be surprised to know that recently Hulu a video streaming website have publicized that they have discovered some loopholes in Facebook. The severity of this security breach is so high that any user who logs in using Facebook Connect into Hulu is able to see the personal and confidential information of other users also.

Previously, Hulu had announced that they have come up with a new feature that allows Hulu users to comment on a specific instance within a video. Both the comment and the portion of the video can be shared on your Facebook profile by clicking a button on the video player’s page. This feature uses Facebook Connect. Connect is a service that lets Facebook users log into third-party services using their Facebook account information. These days most of the websites allow you to login their websites using Facebook Connect Login, this eventually saves you from creating a fresh login for that website.

hulu facebook security breach

The problem with this Video Streaming Site – Hulu occurred shortly after launching their Facebook Connect feature. They noticed that a small number of users were seeing someone else’s account information upon logging into their accounts through the feature. The company said that highly sensitive information such as account passwords or credit card numbers should not be compromised as a result of a bug.

What created this loophole?

As many of you would be knowing that Facebook runs on Personalized Home Page (PHP). In the terms of security PHP is quite unsafe and has several unknown and known bugs which in turn lead to such a big security breach at Facebook Connect.
I would also like to highlight another example: WordPress also supports PHP. However they keep out upgrading themselves to protect against such security breaches which might have arisen due to PHP.
Hence, Hulu said it won’t roll out Facebook Connect integration to the site again until the company can ensure that privacy breaches won’t occur in the future.

So this wall all about Facebook Connect Security Breach. Please feel free to share your feedback or suggestions in the comments section below.


Article by

Ankit is the founder of Geek Revealed. He is tech Geek who loves to sit in front of his square headed girlfriend all day long. :D   You can find Ankit on FaceBook or Google Plus

Comments on this entry are closed.

Next post: