Suramya's Blog : Welcome to my crazy life…

January 19, 2010

Flaw gives AT&T users access to other user’s Facebook accounts

Filed under: Computer Security,My Thoughts,Tech Related — Suramya @ 11:23 PM

Recently a Georgia mother and her two daughters logged onto Facebook from their mobile phones and wound up in a strangers’ accounts with full access to their private information. All of them were using AT&T as their data provider. On the face of it, it seems pretty scary.

How prevalent this flaw is and what other services are affected is something that is still unknown. As far as I can tell no technical details have been released to explain this issue either by Facebook or AT&T. So I am going to speculate on various ways this might have happened.

1. A flaw in Facebook caused the system to falsely authenticate users based on their IP address even without an authentication cookie present.

This could happen, however if this was the case a lot more people would have hit it by now especially on networks that have their IP address allocated dynamically.

So Probability of this being the reason: Very Low

2. AT&T is using a proxy caching server and the authentication cookies used by Facebook was stored on the proxy server.

If a proxy server was being used by AT&T then when a request went out to Facebook it would check for a valid session using the server’s IP address and then check for an authentication cookie on that server. If one existed the user would then be authenticated even though this time someone else was trying to access their Facebook account.

The problem in this case would be the incorrect configuration of their Proxy server by AT&T.

So Probability of this being the reason: Very High

3. Can’t think of any other reason… Though there could be a ton of other explanations. Just can’t think of any of them right now.

Caching servers are well and good but if they are not correctly configured they have the capacity of causing a lot of havoc and security issues. So I am off to read up more about proxies and caching servers and how to configure them correctly.

Source: – Network Flaw Causes Scary Web Error.

– Suramya

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

Powered by WordPress