Facebook Fixing Vulnerability That Would Prohibit Users From Revoking App Permissions

By David Cohen 

MyPermissionsVulnerability650Facebook is working to remedy a vulnerability discovered by application security provider MyPermissions, which blocks users of the social network from revoking permissions granted to apps that allow them to access those users’ information.

MyPermissions detailed the vulnerability in a post on its blog:

In the process of preparing for the release of an update packing a few awesome new features, we ended up discovering something pretty alarming.

It comes down to this: We’ve stumbled upon a way where pretty much anyone with a little bit of technical know-how could make it impossible for you to revoke an app’s permission to access your information.

Think about it like this: You download an app that promises to do one thing, but actually comes from a hacker who wants to seriously invade your privacy by mining your data. Given the right coding, this developer could trigger the same effect, basically making it impossible for a user to disconnect this malware app and revoke its permission to access your personal information.

As MyPermissions also pointed out, more than one-half of Facebook’s users access the social network via mobile devices.

Readers: Have you ever seen a message like the ones in the screenshots above from MyPermissions?