November 2, 2018
Unfortunately, Facebook didn’t realize that feature left the front door to your account wide open, allowing another user to take control of your account.
Here is Guy Rosen, a VP at Facebook, with the explanation of exactly how an attacker could have taken over your account:
This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.
He went on to say they have “fixed the vulnerability” that affected 50 million accounts, and notified law enforcement.
But can you just trust Facebook now? Of course you shouldn’t. And why did a basic vulnerability like that exist in the first place?
You would think a company responsible for over 1 billion single accounts would be more careful with private access tokens. But they aren’t, and there isn’t any excuse for it.
That’s only half the story, however…
You might also think that if you clicked “Protect” in Facebook apps, and used their VPN service called “Onavo Protect,” that your private data would be… protected. Wrong again…
From Gizmodo we learn what is actually happening:
The company is actually collecting and analyzing the data of Onavo users. Doing so allows Facebook to monitor the online habits of people outside their use of the Facebook app itself.
So you log in to Facebook, use their “Protect” option, but aren’t protected like you would expect. Instead, Facebook follows your browsing habits.
But in this edition of “Everything Facebook Does Violates Your Privacy” we still aren’t done…
Dual-factor authentication, when done correctly, can be a good security measure. But Facebook didn’t just do it wrong, according to Gizmodo, they did it horribly wrong.
In order to use dual-factor authentication (2FA), you have to enter a mobile phone number. Normally, this number is only used to send a verification code each time you login. You type that code into a box, and can log into your account.
But Facebook thought it was okay to use the cell phone numbers to SPAM people with text messages. In the Gizmodo article on this egregious violation of your privacy, we get the scoop on the foolishness behind this decision:
“Abusing a security technology like 2FA by turning it into a marketing opportunity is pretty much the most short-term clever, long-term foolish thing Facebook could do,” Matthew Green, a cryptographer at Johns Hopkins University, tweeted.
In typical “Violate your privacy first, and don’t really address it later” fashion, Facebook acknowledged the 2FA blunder in a statement:
It was not our intention to send non-security-related SMS notifications to these phone numbers, and I am sorry for any inconvenience these messages might have caused.
But is that creepy VPN service “sold” under the guise of a “Protection” app? Not so much. Apparently, it’s A-OK for Facebook to follow you all over the Internet to snoop on what you’re browsing.
That’s the “bargain” they seem to hope you’re falling for, at least. And it’s easy to pick on Facebook when it comes to privacy, but that’s the point…
Their algorithms have one job that matters, to secure your private data. If they can’t even get that right, what else are they doing wrong?
Bottom line… your private life is an open book that any “bored” Government agency or individual with cheap technology can exploit.
With just a few clicks, a phone call, and a few dollars almost everything someone wants to find out about you can quickly be put together into a complete file.
And who knows how some stranger (including federal law enforcement) will use that information? So you need to start protecting your privacy any way you can, right now…
That’s why you should get our bestselling “Go Off the Grid” report, which is your blueprint for living a truly private life. Here are a few of the things inside…
- DO THIS NOW: The one thing almost no one does to properly hide their home address, and it has nothing to do with getting a PO Box. (page 4).
- The “privacy veil” you can set up with a few clicks that renders you practically anonymous — and helps you slash your taxes. (page 24)
- Secure your phone number and your calls from snoops and credit agencies in minutes with this “Smart” blueprint. (page 13)
- The secret “shield” that makes your home, car, and other assets practically lien proof. You’ll be able to “set it once and forget it.” (page 16)
- The digital “Ghost” that can protect you online, make your digital footprints disappear, and even save you money on airplane tickets. (page 19)
- And more… including how to legally remove yourself from the banking system.
If you are serious about protecting your private life, then you don’t want to miss this brand new report…
To living privately,
Location Independent Entrepreneur
P.S. Facebook has done just about everything wrong when it comes to protecting your privacy. You simply cannot trust them.
That’s why I suggest taking matters into your own hands by getting my special report today. You’ll learn how to go completely “off the grid,” without having to move out to a cabin in Montana.
And you won’t even have to leave your couch…