Facebook pics uploaded in the clear

By

Android app gaffe.

Facebook has closed a hole that allowed photos to be downloaded and uploaded over an insecure connection.

Facebook pics uploaded in the clear

The flaw affected the site's Android main mobile and messenger applications and meant user's pictures were sent over the HTTP protocol, in contravention of Facebook's bid to push all traffic via HTTPS.

Images sent over wireless networks could be intercepted by attackers sniffing the traffic. While the impact for users was likely low, users connecting to public networks were most at risk.

Researcher Mohamed Ramadan reported the flaw to Facebook and was paid $2000 for the efforts.

Concerned users should update their apps through the official Google Play Store.

"It is time to update your Facebook apps right now," Ramadan said.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Top US diplomat impersonated with AI by unknown actor

Top US diplomat impersonated with AI by unknown actor

Log In

  |  Forgot your password?