Facebook dodges promise 'peeping Tom' webcam exploit thanks to bug hunters
It seems naked amateurs models that Facebook has dodged a somewhat grave security
accident that would have permitted hackers to remotely and secretly trigger
user webcams and post the recorded video to their profiles. According to
Bloomberg, a pair of investigators at XY Security found out this bug in July
and submitted it to Facebook, who paid the two $2,500 in money for their
efforts — that's five times the typical going rate Facebook boasts for bugs users
submit, an admission that the bug was especially serious. A Facebook
spokesperson told Bloomberg that it discovered no users were influenced when it
closed the hole, but it's still a possibly grave flaw the business must be
pleased it repaired before things got unattractive. "This vulnerability,
like numerous others we supply a bounty for, was only theoretical, and we have
glimpsed no clues that it has been exploited in the wild," Facebook
spokesperson Fred Wolens wrote to Bloomberg in an e-mail.
Facebook may have dodged a bullet
This is barely the first "peeping Tom" exploit out there, but one on the gigantic Facebook platform could have been a very dark eye for a company endeavouring to turn around its struggling place in the supply market. granted the negative vigilance that apps like Snapchat and Poke have obtained recently for not being as protected with their videos as they assertion, it appears like video privacy will extend to be a hot security theme for the foreseeable future. That said, Facebook insists the method to access client webcams was quite a difficult one. "Essentially, several things would need to proceed wrong — a client would need to be deceived into travelling to a malicious sheet and banging to cause their camera, and then after some time time span, deceived into banging afresh to stop / release the video," Wolens composed. despite of the difficulty level, the trampling of this exploit is a good example of the worth of various "bug bounty" programs that companies like Facebook, Mozilla, and Google take advantage of.
Facebook may have dodged a bullet
This is barely the first "peeping Tom" exploit out there, but one on the gigantic Facebook platform could have been a very dark eye for a company endeavouring to turn around its struggling place in the supply market. granted the negative vigilance that apps like Snapchat and Poke have obtained recently for not being as protected with their videos as they assertion, it appears like video privacy will extend to be a hot security theme for the foreseeable future. That said, Facebook insists the method to access client webcams was quite a difficult one. "Essentially, several things would need to proceed wrong — a client would need to be deceived into travelling to a malicious sheet and banging to cause their camera, and then after some time time span, deceived into banging afresh to stop / release the video," Wolens composed. despite of the difficulty level, the trampling of this exploit is a good example of the worth of various "bug bounty" programs that companies like Facebook, Mozilla, and Google take advantage of.
No comments:
Post a Comment