Flaw Discovered in Facebook Account Security Lets Websites Auto Post on Facebook Walls

Even after leaving Facebook.com, a severe flaw in Facebook account security permits any website to post and “Like” a page with out the user’s knowledge or permission. Easy JavaScript code that is freely available, positioned on any internet page, will instantly “Like” a URL and post about it on Facebook Users’ walls with out their permission or understanding. A current check of this JavaScript code revealed that the code was able to automobile “Like” and effectively post on over 30 % in the users’ Facebook walls with out their knowledge or permission. This is a serious safety flaw in Facebook’s safety that must be fixed.

Picture going to your Facebook account, viewing your Facebook Timeline, creating a couple of posts in your Facebook wall, updating your standing. Then you leave Facebook.com, with out logging out of Facebook, and go to a few other web sites. You know, the usual every day routine. For many, it’s simpler to just leave Facebook.com and go to other web sites without logging out of your Facebook account. Whenever you go back to Facebook.com, you are already logged in–you don’t to kind your Facebook consumer Id and password again. You are able to go right for your Facebook timeline, to determine all of the updates from your Facebook buddies.

That is exactly where this Facebook safety flaw comes into play. Devious web website owners (some technically call them “Black Hat” webmasters) are taking benefit of Facebook customers. By putting in easy JavaScript code on their web website, webmasters are in a position to “fake” a click on a concealed Facebook “Like” button on their site. And then they post on your Facebook Wall about it, which promotes their URL or web website to all of your Facebook Buddies. And also you never see the click or the Facebook “Like”, and also you probably won’t see that you posted about their internet site on your Facebook Status unless of course you visit Facebook.com and view your Facebook Wall. Most Facebook users will by no means know that they are advertising internet websites that they recently visited unless of course someone tells them about it–because Facebook is created inside a way for us to see all of our friends’ updates on our timeline. It takes a separate click on the Facebook website to view your own Facebook Standing updates.

What’s disturbing right here is the reality that whenever you visit a web site. Not only will you “Like” a URL in the internet site owner’s selecting, the web site will also automatically post on your Facebook Wall with out you even knowing it. If you’re logged into your Facebook account, although you are NOT on Facebook.com, any website can instantly post in your Facebook Wall without your understanding. This is a severe Facebook safety flaw that Facebook requirements to address right away.

At this point, there is truly only 1 way which you personally can quit web sites from instantly posting and automobile “Liking” whenever you visit their internet site. Whenever you go to Facebook.com you need to log in–and when you leave Facebook.com, you should log out. As long at you are technically logged out of Facebook.com, there isn’t any way that a devious web site owner can force you to automatically “like” their internet site–and they cannot instantly post for your Facebook Wall.