Facebook fixes security flaw that exposes personal chats

Subscribe to Oneindia News

London, May 6 (ANI): Social networking site Facebook has made haste to fix a security flaw that allowed its users to view the live chats of their friends and also see their pending friend requests.

All one needed to do to spy on their friends' personal chat messages and see who requested to join their network, was use the site's privacy setting to expose the personal information.

Facebook is said to have temporarily removed the chat facility while it fixed the flaw.

The exploit, originally reported by the blog TechCrunch, worked via an option in privacy settings that allows people to preview their profiles, as it would appear to their friends.

But it was never intended to show others what their friends were actually doing.

"For a limited period of time, a bug permitted some users' chat messages and pending friend requests to be made visible to their friends by manipulating the 'preview my profile' feature of Facebook privacy settings," the BBC quoted Facebook as saying in a statement.

"When we received reports of the problem, our engineers promptly diagnosed it and temporarily disabled the chat function.

"We also pushed out a fix to take care of the visible friend requests which is now complete," it stated, adding that the chat function will be turned back on shortly.

Candid Wueest, security expert at Symantec, said that it is a matter of concern when an organisation is not able to provide security.

"For any organisation, whether you are a social networking site or not, privacy breaches are worrying," Wueest said.

"Unfortunately, this isn't the first privacy breach of its kind to plague a social networking site - other high-profile sites have also been affected with similar problems," he revealed.

But he also praised Facebook's quick response to the issue.

"Facebook has acted quickly in fixing the alleged flaw, whereas some social networking sites have been known to take days to fix issues reported," he added. (ANI)

Please Wait while comments are loading...