Facebook Bug Could Be Used to Harvest Names, Photos

Facebook feature could be abused by spammers to gather information on users.

By Kara Reeder | Posted Aug 12, 2010
Page of   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn
Computerworld reports that a new Facebook bug could be used by spammers to harvest user names and photographs.

Apparently, entering the e-mail address of a Facebook user with the wrong password returns a special "Please re-enter your password" page. This page shows the Facebook photo and full name of the person associated with the address. The feature is supposed to help people figure out if they've mistyped their e-mail address at login. However, it could be abused by spammers to gather information on Facebook users.

Researcher Atul Agarwal says the feature could be used by someone to generate random e-mail addresses, who could then check to see if they really worked.

Facebook places the blame on a recently introduced bug:

We have technical systems in place to prevent people's names and photos from showing to unrelated users upon login, but a recently introduced bug temporarily prevented these from working as intended ... We are already working on a fix and expect to remedy the situation shortly.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter