More Details on AT&T’s “Network Glitch” that Caused Compromised Facebook Security

Sarah Perez

On Saturday, an exclusive AP report told the story of an AT&T network glitch that allowed some mobile users to log in to other people’s Facebook accounts. Although, according to the story, only a handful of people were affected by this glitch, the security flaw could have “far reaching implications for everyone on the Internet,” wrote the reporter.

After reviewing the details of the incident, the “glitch” appears to be more of an issue with some misconfigured software at AT&T and less of an internet-wide security concern, as previously feared. That being said, the wireless company regarded the incident seriously and has taken measures to prevent similar issues from recurring in the future.

Users Logged into Wrong Facebook Accounts

In the AP story, a mother and her two daughters, all of whom are AT&T subscribers, logged into the social networking site Facebook using their mobile phones and found themselves with full access to strangers’ Facebook accounts. This was apparently caused by a routing error on AT&T’s part, notes the article. In this modern-day equivalent of “crossed wires,” it seemed the wireless company had lost track of which users were which and had sent back the incorrect web pages to the users’ phones.

It turns out that the women were not alone in experiencing these issues – other AT&T customers were affected as well. However, AT&T won’t say how many, only that the problem occurred in “a limited number of instances.”

Over on the technology news website Slashdot, many speculated about the cause of the incident, questioning whether it was a corrupted caching proxy at AT&T or a bug in the HTTP headers set by Facebook that instruct how a response should be cached, among other things. In other words, some weren’t taking it at face value that the problem was entirely AT&T’s fault, despite the fact that an AT&T spokesman claimed that the “network problem behind those episodes” was being fixed.

Server Software Error to Blame

A recent statement from AT&T now reveals a few more details about the problem and what they’re doing to address it. According to Michael Coe, the same AT&T spokesman cited in the AP article, the issue was caused by a “server software connectivity error” which impacted some wireless customers logging into Facebook using AT&T subscriber information.

Facebook users who signed up for the service using their mobile phones are able to log in to the site using the phone number and password created during the sign-up process, Facebook states in a Q&A on their Help Site. Although Facebook would not comment on the original story, AT&T reports that they did work with the social network in determining the cause of the problem.

As it turns out, those affected were logging into Facebook using their AT&T phone numbers as opposed to a username/password combination. Typically, when a username and password are used, a cookie is stored on the mobile device. This small file retains a user’s login credentials, allowing them to access Facebook without having to re-enter their sign-in information. When a cookie is not available, the subscriber information is sent to Facebook.com automatically. This is what had taken place in the reported incidents.

No More Logins Using Your Phone Number, Says AT&T

AT&T reports that they’ve now put additional “security measures” in place to prevent a recurrence of this issue but won’t elaborate on what precisely those measures involve. In addition, the wireless company states they are working with Facebook to disable the use of subscriber information as a method for automatic login. That means going forward, AT&T users will no longer be able to use their phone numbers as login credentials to access Facebook from their mobile devices. Only a username and password combination will be allowed.

Coe also notes that a similar incident occurred on a customer’s phone in Atlanta, referring to the incident involving the three women. In that case, a misdirected cookie was set on the phone. This is a slightly different issue from what’s described above, as it does indeed hint at a routing problem where users are sent the wrong cookie. Although the problem is now resolved, AT&T has still not been able to determine what caused this particular issue. However, the possible routing issue behind this one incident (AT&T could only isolate the problem to one of the three women’s phones) does not appear to be the cause of the other problems.

While still somewhat disturbing, especially since the cause is unknown, this singular occurrence does not merit worrying about any “far-reaching,” internet-wide consequences as implied by the original article.
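The Slashdot speculation above (a caching proxy reusing a page, or response headers that allow it) can be checked from the defender's side by auditing how logged-in responses are marked for caching. The following is an added example, not code from the article, AT&T or Facebook, and it does not claim this was the cause of the incident; the function names and the sample headers are constructed for illustration.

```python
"""Flag personalised HTTP responses that a shared caching proxy could reuse."""

def parse_cache_control(value):
    """Return Cache-Control directives as {lowercase name: argument or None}."""
    directives = {}
    for part in value.split(","):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.strip().lower()] = arg.strip().strip('"') or None
    return directives

def shared_cache_findings(request_headers, response_headers):
    """List reasons a shared proxy might hand this response to another user."""
    req = {k.lower(): v for k, v in request_headers.items()}
    resp = {k.lower(): v for k, v in response_headers.items()}
    cc = parse_cache_control(resp.get("cache-control", ""))
    # A zero lifetime for shared caches behaves like no-cache (always revalidate).
    if cc.get("s-maxage", cc.get("max-age")) == "0":
        cc["no-cache"] = None
    personalised = "cookie" in req or "set-cookie" in resp
    # private/no-store keep shared caches out; no-cache forces revalidation
    # with the origin before any reuse, so it is treated as acceptable here.
    if not personalised or {"private", "no-store", "no-cache"} & cc.keys():
        return []
    findings = []
    if "public" in cc or "s-maxage" in cc:
        findings.append("explicitly cacheable by shared caches")
    elif "max-age" in cc or "expires" in resp:
        findings.append("freshness lifetime set without private/no-store")
    else:
        findings.append("no caching policy: heuristic caching possible")
    vary = {v.strip().lower() for v in resp.get("vary", "").split(",")}
    if not vary & {"cookie", "*"}:
        findings.append("Vary does not include Cookie")
    if "set-cookie" in resp:
        findings.append("Set-Cookie could be replayed from cache")
    return findings

# Constructed sample exchanges (not captured traffic).
LOGGED_IN = {"Cookie": "session=constructed-value"}
RISKY = {"Cache-Control": "public, max-age=300", "Set-Cookie": "session=constructed-value"}
HARDENED = {"Cache-Control": "private, no-store", "Set-Cookie": "session=constructed-value"}

if __name__ == "__main__":
    for label, resp in (("risky", RISKY), ("hardened", HARDENED)):
        print(label, shared_cache_findings(LOGGED_IN, resp))
```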

Hot of the web

E-love: According to The Wall Street Journal, venture capitalists still love the Net, if only a little less. Investment in Internet companies by venture capital firms fell in the second quarter of 2000 to $14.75 billion, down from $15.39 billion in the first quarter. But that is still more than the amount invested in the first half of 1999.

Olympic Surprise: Thought the Net was supreme? Well, you have to wait a while: TV still rules, OK? Olympic officials have banned Internet video and audio transmissions from Sydney to avoid usurping TV’s broadcast rights. But you can still track the games through Olympics.com and a host of other sports sites. The exclusive Olympics site at indiatoday.com goes up soon so watch that space as well.

India View: It’s getting better. The Gartner Group’s SHARP (Surfing Habits Advertising Research and Purchase) latest outlook for India (3,000 respondents in seven metros) says it has the highest Net user growth rate in Asia-Pacific. But e-business is still low, with only a little over 2 per cent of users having paid online. Part of the reason is problems with setting up confidentiality of card transactions on the Net. The good news: a fifth of those who haven’t bought anything on the Net say they want to. There was more good news last week from a study on e-commerce by Taylor Nelson Sofres Interactive. Its 27-country survey across Europe, Asia-Pacific and North America ranked India 17 among on-line shoppers, on par with Malaysia and Singapore and ahead of Taiwan.

Roger Federer gets death threat at Shanghai Masters, security tightened

World number one tennis player Roger Federer has received an online death threat prior to a tournament in Shanghai.

The director of the Shanghai Masters championship, Yang Yibin, confirmed the threat to the Swiss player.

An unknown blogger said he planned to assassinate Federer in his post on a popular Chinese website. He also posted a doctored image showing a decapitated Federer on his knees on a tennis court with a masked executioner dressed in black and holding an axe posing next to him.

Police and other government agencies have been contacted to increase security around Federer and his family.

Attacks on tennis players are rare, but in 1993 Monica Seles was stabbed by a deranged fan during a match in Hamburg. In the 2009 French Open final, a fan invaded the court and tried to put a beret on Federer before being tackled by security officials.