(no subject)
The fact that Facebook has admitted this but isn't doing anything to warn people to change their password is pretty freaking pathetic...
http://www.symantec.com/connect/blogs/facebook-applications-accidentally-leaking-access-third-parties
"There is no good way to estimate how many access tokens have already been leaked since the release Facebook applications back in 2007. We fear a lot of these tokens might still be available in log files of third-party servers or still being actively used by advertisers. Concerned Facebook users can change their Facebook passwords to invalidate leaked access tokens. Changing the password invalidates these tokens and is equivalent to “changing the lock” on your Facebook profile."
Basically, unscrupulous apps can mine your account for data and even impersonate you. Who cares? Well, what if your best friend on Facebook posted to their wall something like "wow this is so freaking cool check it out!" followed by a link? We trust our friends, right? But it could be a link to a drive-by malware site... and if it was a well-made one, that actually had some kind of cool content on it, you might not even ever know...
http://www.symantec.com/connect/blogs/facebook-applications-accidentally-leaking-access-third-parties
"There is no good way to estimate how many access tokens have already been leaked since the release Facebook applications back in 2007. We fear a lot of these tokens might still be available in log files of third-party servers or still being actively used by advertisers. Concerned Facebook users can change their Facebook passwords to invalidate leaked access tokens. Changing the password invalidates these tokens and is equivalent to “changing the lock” on your Facebook profile."
Basically, unscrupulous apps can mine your account for data and even impersonate you. Who cares? Well, what if your best friend on Facebook posted to their wall something like "wow this is so freaking cool check it out!" followed by a link? We trust our friends, right? But it could be a link to a drive-by malware site... and if it was a well-made one, that actually had some kind of cool content on it, you might not even ever know...