More on Facebook security

This week I’ve come across two more articles about Facebook’s poor security/privacy.

The first by Ian Glazer on the Burton Group Identity blog notes that apps can get access to all your details even if your privacy settings are set to prevent this… Whilst you can prevent a third-party app from accessing your details directly, if you allow your friends to read your profile, when they install the app it inherits the permissions of your friend relationship, rather than your own app settings, meaning the app can suddenly access your whole profile.

The second by the Cambridge University Security Research Lab relates to ads served either through Facebook, or within apps using the Facebook platform, and how these can access your personal data and the pictures you’ve stored. It ends with a worrying note – ‘The platform API remains fundamentally broken and gives users no way to prevent applications from accessing their photos.’