Facebook Privacy Vulnerability

By Edward Bellamy on October 8, 2010 9:21 PM | | Comments (1) | TrackBacks (0)

Today I found a Facebook privacy vulnerability affecting dates of birth. The scenario:

  • The Facebook user hides their date of birth from view
  • When today’s birthdays are viewed, those who choose to publish their year of birth have their age displayed. Those who have opted to hide their year of birth in their privacy settings do not have their age published. ( http://www.facebook.com/?sk=bd )

However…

  • When viewed via the Facebook mobile site, their age is published ( http://m.facebook.com/birthdays.php )

Obviously from this, the individual’s date of birth can be easily calculated.

UPDATE: I have of course notified Facebook of this privacy flaw.

Categories:

Tags:

0 TrackBacks

Listed below are links to blogs that reference this entry: Facebook Privacy Vulnerability.

TrackBack URL for this entry: http://cyberissues.eu/cgi-bin/mt-tb.cgi/13

1 Comments

Edward Bellamy Author Profile Page said:

I can confirm that as of yet, this has not been resolved. Of my four Facebook friends who have Birthdays today, one has opted to hide their year of birth but I can still see their details.

October 14, 2010 10:49 AM

Leave a comment

Search

About this Entry

This page contains a single entry by Edward Bellamy published on October 8, 2010 9:21 PM.

Google bosses convicted in Italy for User Content was the previous entry in this blog.

Restarting Apache2 on Linux is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Latest Twitter Updates

    follow me on Twitter