[ad_1]
SAN FRANCISCO (AFP) – Facebook admitted Thursday that millions of pbadwords were stored in clear on its internal servers, a security card that left them readable by the employees of the social media platform.
"To be clear, these pbadwords have never been visible to anyone outside of Facebook and we have not found any evidence to date that anyone has been attacked or mishandled internally," he said. said Pedro Canahuati, vice president of engineering, security and privacy data a blog post.
According to Canahuati, this blunder was discovered at the beginning of the year during a safety review at the beginning of the year. It follows a series of controversies over whether Facebook adequately protects the privacy and data of its users.
Receive the daily edition of the Times of Israel by email and never miss our best stories
Free registration
Canahuati said that the Silicon Valley company should inform hundreds of millions of Facebook Lite users, tens of millions of other Facebook users and tens of thousands of users of Facebook. Instagram whose pbadwords would have been vulnerable to prying eyes.
The Californian company reaches approximately 2.7 billion people with its main social network, Instagram and messaging apps.
Dinged Data Defense
Brian Krebs, of the KrebsOnSecurity.com security news website, cited an anonymous source on Facebook that allegedly revealed that the internal investigation had revealed that up to 600 million users of the social network had pbadwords stored in plain text files searchable by more than 20,000 employees. .
The exact number had not yet been determined, but archives with unencrypted user pbadwords dating back to 2012 were found, according to Krebs.
The admission of this misstep by Facebook comes after the report of Krebs.
Investigative reporter Brian Krebs speaks to the audience of cyber criminals at the Microsoft BlueHat protest in Tel Aviv (courtesy)
"We have corrected these problems and, as a precaution, we will inform everyone whose pbadwords we have found have been stored in this way," said Canahuati.
Facebook's practice is to hide people's pbadwords by replacing them with random characters, then to put away the software keys needed to make sense of the mess, according to Canahuati.
This technique allows the Facebook system to recognize valid pbadwords when users log in, without storing unencrypted information that employees or hackers could read.
Facebook said that social network users could enhance security by updating their complex pbadwords and choosing to require a second piece of data, such as text code, to access the accounts.
World probes
Regulators, investigators and elected officials around the world have already explored Facebook's data sharing practices, which number more than two billion users.
The social network's treatment of user data has been a source of controversy since it admitted last year that Cambridge Analytica, a political consulting firm, had used an app that could have diverted confidential information from $ 87 million. users.
Facebook has announced a series of measures to tighten data processing, including eliminating most of its data-sharing partnerships with outside companies.
Last week, the social network announced the departure of its product manager, Chris Cox, becoming the most senior executive to leave in the turmoil of the main social network.
Cox made this announcement on his Facebook page, saying that he was leaving "with great sadness" after 13 years.
While Cox gave no specific reason for his decision, he said that Facebook's chief, Mark Zuckerberg, had unveiled a new direction: it was no longer the "digital city's place", but the focus on private interactions on a smaller scale.
"As Mark pointed out, we are turning a new page in the direction of our product, focused on an encrypted and interoperable email network," wrote Cox.
"It will be a big project and we will need leaders who are excited to see the new direction come to fruition."
[ad_2]
Source link