By John Palm, Editor
GCN Live.com
Thanks to self-proclaimed “entrepreneur, hacker, and writer” Nik Cubrilovic, Facebook was forced to fix a cookie that was tracking its 750 million users even after logout.
Courtesy Mashable Social Media
Australian blogger Cubrilovic claims he has known about this flaw since last year. He says he contacted Facebook repeatedly with this information, but the problem was never fixed resulting in Cubrilovic going public in his blog. One day later, Facebook announced it has fixed the flaw in the cookie that contained identification information.
Cubrilovic said he took part in a conference call with Facebook engineers and communications staff, according to The Australian. During the call, the social network giant admitted it collected and uploaded data after users were logged out, but said it did not use identification data.
Facebook, like nearly every website, stores cookies on your computer for a variety of purposes – some good and some bad. In Facebook’s case, the cookie could track your online movements and information after you logged out.
Some believe this data could have been sold to advertisers – possibly garnering billions of dollars.
The Australian reports that, “Queensland University of Technology security expert Bill Caelli described the flaw as a ‘goldmine’ for hackers.”
Facebook seems to be playing the trust-me-card innocently saying in a statement: “There was no security breach. Facebook did not store any information it should not have.”
Often, exposing flaws in companies – such as done by Nik Cubrilovic – is the best way to evoke change in a world where people’s information is being sold to marketers and other third parties.
Last week, General Motors announced it would gather and use data collected by OnStar subscribers as well as those who canceled their plan but kept the OnStar equipment in their vehicle.
Due to public revolt of the change, GM announced a reversal of its original decision.