| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAH8yC8m4gfR7Kts1WA8MKH6hKLtB=r_jL9Mnot2uVXFg9JHVtA@mail.gmail.com> Date: Mon, 24 Jun 2013 15:55:16 -0400 From: Jeffrey Walton <noloader@...il.com> To: Packet Storm <bugtraq@...ketstormsecurity.org> Cc: bugtraq@...urityfocus.com Subject: Re: Facebook Information Disclosure On Fri, Jun 21, 2013 at 5:40 PM, Packet Storm <bugtraq@...ketstormsecurity.org> wrote: > Worth Reading: > > http://packetstormsecurity.com/news/view/22713/Facebook-Where-Your-Friends-Are-Your-Worst-Enemies.html > > https://www.facebook.com/notes/facebook-security/important-message-from-facebooks-white-hat-program/10151437074840766 Great write-up. >From the write-up: ]] It was clear that Facebook attacked the disclosure flaw properly, but ]] concerns still remain about the fact that dossiers are being built on ]] everyone possible. We had to ask hard questions. The fact that I ]] have no control over additional email addresses and phone numbers ]] added to their data store on me is frightening. The questions we ]] asked were very to the point but carefully constructed to reflect an ]] equal balance between usability and user safety. After all, my ]] personal safety is paramount at Facebook right? If you don’t want your data analyzed, inspected, shared, mishandled, lost or stolen, then don’t provide to social networking experiments, clouds and drop boxes in the first place. Jeff
Powered by blists - more mailing lists