The world’s largest social network Facebook wants to read SMSes and other confidential information of users on Android, cyber-security firm Kaspersky said on Monday.
“Over the last few days there has been a constant scrutiny over Facebook having access to your SMS. Buried within the latest update for Facebook’s Android app is a feature that is causing growing concern among some users,” Kaspersky said in a statement today. The social media’s logic behind seeking access to SMS is that if you add a phone number to your account, this allows them to confirm your the number automatically by finding the confirmation code within a text message. This is the same technique used by various apps, including Whatsapp to verify your phone number at the time of installation.
The updated Facebook application now wants to read calendar events plus confidential information which it justifies as it is required to allow the app to show your calendar availability (based on your phone’s calendar) when you’re viewing an event on Facebook. “Two-factor authentication provides an extra level of security, so it’s good to see Facebook providing this option … As a final note, we’d urge people to carefully check the permissions requested by any app when you first install it,” Kaspersky Lab’s Principal Security Researcher David Emm said. Kaspersky added the permissions also grants access to multimedia messages, for which reason is not explicitly given.
It expressed apprehension on the word ‘automatic’ used in the permission sought by Facebook. “The key, it seems to lie in the word ‘automatically’. Surely the app doesn’t need to do this automatically. Facebook could simply prompt me to type in the code manually. Or, at the very least, provide this option,” Kaspersky said. Read more.
“Over the last few days there has been a constant scrutiny over Facebook having access to your SMS. Buried within the latest update for Facebook’s Android app is a feature that is causing growing concern among some users,” Kaspersky said in a statement today. The social media’s logic behind seeking access to SMS is that if you add a phone number to your account, this allows them to confirm your the number automatically by finding the confirmation code within a text message. This is the same technique used by various apps, including Whatsapp to verify your phone number at the time of installation.
The updated Facebook application now wants to read calendar events plus confidential information which it justifies as it is required to allow the app to show your calendar availability (based on your phone’s calendar) when you’re viewing an event on Facebook. “Two-factor authentication provides an extra level of security, so it’s good to see Facebook providing this option … As a final note, we’d urge people to carefully check the permissions requested by any app when you first install it,” Kaspersky Lab’s Principal Security Researcher David Emm said. Kaspersky added the permissions also grants access to multimedia messages, for which reason is not explicitly given.
It expressed apprehension on the word ‘automatic’ used in the permission sought by Facebook. “The key, it seems to lie in the word ‘automatically’. Surely the app doesn’t need to do this automatically. Facebook could simply prompt me to type in the code manually. Or, at the very least, provide this option,” Kaspersky said. Read more.
Source: Technology News
No comments:
Post a Comment