Latest News

South32 upgrades its onboarding with SuccessFactors

CBA wants agents to initiate application modernisation

India revokes order to preload cyber security app on smartphones

ASX outage caused by security software upgrade

Empowering Sustainability: Schneider Electric's Commitment to Driving Customer Success

Facebook pics uploaded in the clear

By Darren Pauli

Sep 19 2013 5:53PM

Android app gaffe.

Facebook has closed a hole that allowed photos to be downloaded and uploaded over an insecure connection.

Facebook pics uploaded in the clear

The flaw affected the site's Android main mobile and messenger applications and meant user's pictures were sent over the HTTP protocol, in contravention of Facebook's bid to push all traffic via HTTPS.

Images sent over wireless networks could be intercepted by attackers sniffing the traffic. While the impact for users was likely low, users connecting to public networks were most at risk.

Researcher Mohamed Ramadan reported the flaw to Facebook and was paid $2000 for the efforts.

Concerned users should update their apps through the official Google Play Store.

"It is time to update your Facebook apps right now," Ramadan said.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

android apps bug bounties facebook security

Partner Content

Suntory Oceania’s $30 million IT transformation powers carbon-neutral multi beverage facility

Partner Content Suntory Oceania’s $30 million IT transformation powers carbon-neutral multi beverage facility

ElasticON Sydney 2025: Deriving value from your data with Search AI

Partner Content ElasticON Sydney 2025: Deriving value from your data with Search AI

Machine identity a key priority for organisations’ security strategies: CyberArk

Partner Content Machine identity a key priority for organisations’ security strategies: CyberArk

Transforming Australian Insurance Operations, Customer Service and Fraud Detection with AI and ML

Partner Content Transforming Australian Insurance Operations, Customer Service and Fraud Detection with AI and ML

Sponsored Whitepapers

The cloud tipping point

The cloud tipping point

How AI will deliver real business value

How AI will deliver real business value

The multicloud imperative

The multicloud imperative

Your multicloud advantage

Your multicloud advantage

The business value of Oracle Autonomous Database

The business value of Oracle Autonomous Database

Events

iTnews Executive Retreat - Security Leaders Edition

Most Read Articles

WA man jailed for at least five years for evil twin attack

WA man jailed for at least five years for evil twin attack

Home Affairs to unleash AI on sensitive government data

Home Affairs to unleash AI on sensitive government data

Watt flags more fed insourcing after BoM website outrage

Watt flags more fed insourcing after BoM website outrage

Asahi aims to restore logistics by February following cyberattack

Asahi aims to restore logistics by February following cyberattack

Sydney-based AI-cloud waste startup raises $3m

Sydney-based AI-cloud waste startup raises $3m

Brennan uses NiCE to modernise its contact centre

Brennan uses NiCE to modernise its contact centre

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Impact Awards: Tecala slashes customer response times for fintech IQumulate

Interactive introduces private cloud platform

Interactive introduces private cloud platform

Digital61 expands cybersecurity portfolio

Digital61 expands cybersecurity portfolio

Most popular tech stories