Facebook Messenger bug reveals chatting by users on Facebook

Facebook Messenger bug reveals chatting by users on Facebook

Mark Zukenberg, the CEO of the famous social media site- Facebook discussed on Thursday about his Platform to make more secure and added that he is working to make Facebook “privacy focused” like WhatsApp.

This was a result of Ron Masas from Company Imperva research who found that the Facebook has been surrounded by a host of privacy issues. The researcher found a bug in the Facebook Messenger that allowed websites to gain access to users’ data, including who they have been chatting with.

According to his blog post on Thursday, the vulnerability in the web version of Messenger allowed any website to expose who you have been messaging.

“Browser-based side-channel attacks are still an overlooked subject. While big players like Facebook and Google are catching up, most of the industry is still unaware”, he added.

Two types of data recorded

The researcher recorded that the Facebook Messenger was prone to vulnerability that allowed the leaked of CSFL, Cross-site Frame Leakage, which gave out the information on iFrame elements in the App.

The researcher recorded the “Full State” and the “empty state”- the two types of data. The first one displays conversations with people with whom the user have interacted whereas the second one are list of the information about the people users have never talk to.

Quick actions led the problem solved

 Ron Masas downcast the Facebook about the issues that make the Facebook to patch the bug very soon and now the all iFrame elements from the Messenger is removed and is safe now.

Mark Zukenberg said, he is working to make the Facebook more secure and make it like a WhatsApp- totally a “Privacy focused”which will be built around the principles such as private interactiosn, encryption, reducing, permanence, safety and interoperability.

However, time the vulnerabilities has been patched very soon and risk associated with it has been prevented. But, it may be some major issues if the problems are not detected soon. Thus, every platform sees it as a lesson and must have to concern about their privacy well.