Latest News

Popular quiz app Nametests exposed data of over 120 million Facebook users
Friday, June 29, 2018 IST
Popular quiz app Nametests exposed data of over 120 million Facebook users

Apps appearing in your News Feed promise to tell you a lot, from which celebrity you best resemble to how you will look like after 50 years. In reality, they must have been leaking your private data for years.
 

 
 

Nametests.com, a popular third-party website that offers various quizzes for Facebook users, put private data of about 120 million users at risk for years, a security researcher has disclosed.
 
Inti De Ceukelaire, an ethical hacker, demonstrated how the security loophole worked. He explained in a blog post that he was aiming to discover a flaw in the social network after Facebook introduced the Data Abuse Bounty programme in the wake of the Cambridge Analytica data harvesting scandal.
 
De Ceukelaire focused on NameTests, which is a popular quiz app on the social network, only to discover that the website was fetching personal information of users from a URL and could be accessed by any website. The data was wrapped in a JavaScript progamme that could be shared by any other platform.
 
The hacker further pointed out that NameTests could identify users even after the application was deleted.
 
“I would imagine you wouldn’t want any website to know who you are, let alone steal your information or photos. Abusing this flaw, advertisers could have targeted (political) ads based on your Facebook posts and friends. More explicit websites could have abused this flaw to blackmail their visitors, threatening to leak your sneaky search history to your friends,” he wrote in a post. 
 
Here’s a video demonstration of how the loophole worked.

Should you be worried?
 
De Ceukelaire said he has already alerted Facebook about the security loophole. “At my request, Facebook donated $8,000 to the Freedom of the Press Foundation as part of their Data Abuse Bounty Program,” he said in the post.
 
Responding to the researcher’s claim, Facebook said it has fixed the vulnerability and NameTest’s parent company — Social Sweethearts — has assured that there was no evidence of any personal data being exposed.
 
“It was reported by Inti De Ceukelaire and we worked with the app’s developer — Social Sweethearts — to address the website vulnerability he identified which could have affected Facebook information people shared with nametests.com. To be on the safe side, we revoked the access tokens for everyone on Facebook who has signed up to use this app. So people will need to re-authorize the app in order to continue using it,” Facebook said in a post.
 
“The investigation found that there was no evidence that personal data of users was disclosed to unauthorized third parties and all the more that there was no evidence that it had been misused. Nevertheless, data security is taken very seriously at social sweethearts and measures are currently being taken to avoid risks in the future,” a Social Sweethearts spokesperson told Gizmodo.
 

 
 

How to stop third-party apps leaking your Facebook data
 
After the Cambridge Analytica data scandal, Facebook has released various tools to help users gain control of their private data. For instance, Facebook stops apps from accessing your data after 90 days of non-use by a user. The company has also made it easier for anybody to access privacy tools.
 
If you are using quiz apps like Nametests.com, here’s what you can do to prevent data leak.
 
Launch the Settings menu by clicking the down arrow button located on the top bar of your Facebook homepage.
 
Choose ‘Privacy’ and select ‘Apps’.
 
 
Under ‘Apps, Websites and Plug-ins’ click on the ‘Edit’ button.
 
This feature is enabled by default in order to allow users you use “apps, plug-ins, games and websites on Facebook and elsewhere”.
 
Disable this to stop third-party apps from accessing your Facebook information.
 

 
 
 
 
 

Related Topics

 
 
 

Trending News & Articles

 Article
Tata Harrier’s 7-seater Version H7X Will Be Quite Different – Report

Tata Harrier’s three-row seat version in works, details out  

Recently posted . 2K views . 0 min read
 

 Article
How to make you car as silent as a Rolls Royce inside

Rolls Royce cars are extremely luxurious. While there are many expensive pieces of equipment in Rolls Royce cars, their most relaxing feature is the silence that ...

Recently posted . 2K views . 2 min read
 

 Article
India's Top 5 Mobile Charger manufacturer Brand 2019

The following list of India's Top 5 Mobile Charger manufacture Brand 2019  

Recently posted . 2K views . 0 min read
 

 Article
Mahindra XUV300 vs Maruti Brezza, Ford EcoSport, Tata Nexon – Price

XUV300 is the latest entrant in the compact SUV segment.

Recently posted . 2K views . 0 min read
 

 
 

More in Electronics & Gadgets

 Article
FACEBOOK REDESIGNS FACEBOOK: HERE'S HOW EVENTS AND GROUPS WILL TAKE CENTRE STAGE

• Facebook is redesigning its core app and website • The refreshed Facebook place...

Recently posted. 795 views . 2 min read
 

 Article
Motorola Moto Z3 Play announcement set for June 6

Motorola has started sending out press invites for a product launch event on June 6 in Brazil. While the invite does confirm a smartphone will be the star of the ...

Recently posted. 650 views . 1 min read
 

 Article
Nokia 9 PureView vs OnePlus 6T McLaren edition: Price, display, camera, RAM and more

HMD Global recently launched its flagship smartphone, the Nokia 9 PureView. Here we compare the detailed specifications and features of the recently launched devi...

Recently posted. 841 views . 1 min read
 

 Video
First Look 2018 Honda CR-V



Recently posted . 966 views
 

 Reviews
Top 10 Best Inverter Batteries in India With Price 2019



Recently posted . 1K views . 99 min read
 

 Article
SpaceX to Send Two Tourists Around Moon in 2018

SpaceX said Monday two non-public residents have paid cash to be despatched across the Moon in what might mark the farthest human beings have ever travelle...

Recently posted. 981 views . 23 min read
 

 Article
5 Best Car Launches of 2018: From Honda Amaze to Maruti Suzuki Ertiga

2018 saw launches of a lot of new cars in the Indian market, from the mass segment hatchbacks to premium segment SUVs, the Indian market has seen it all

Recently posted. 1K views . 1 min read
 

 
 
 

   Prashnavali

  Thought of the Day

"The moment when you feel qualified enough to judge others That is the moment you make your first Wrong judgment."
Anonymous

Be the first one to comment on this story

Close
Post Comment
Shibu Chandran
2 hours ago

Serving political interests in another person's illness is the lowest form of human value. A 70+ y old lady has cancer.

November 28, 2016 05:00 IST
Shibu Chandran
2 hours ago

Serving political interests in another person's illness is the lowest form of human value. A 70+ y old lady has cancer.

November 28, 2016 05:00 IST
Shibu Chandran
2 hours ago

Serving political interests in another person's illness is the lowest form of human value. A 70+ y old lady has cancer.

November 28, 2016 05:00 IST
Shibu Chandran
2 hours ago

Serving political interests in another person's illness is the lowest form of human value. A 70+ y old lady has cancer.

November 28, 2016 05:00 IST


ads
Back To Top