Tom says he accidentally stumbled upon the fact that some third party applications can access and read our inbox messages

Features Thursday, July 10, 2014 - 05:30
The News Minute | June 9, 2014 | 5:07 PM IST  Tom George is just an ordinary first year BTech student- actually not. He just received 7500 dollars from Facebook as a prize amount for pointing out a bug that many of us would not even have bothered to notice. But the error might have been a dreadful privacy violation from Facebook’s part, had it not been fixed. Well, thanks to this young chap! What Tom did was to point that some third party applications that we so carelessly “Allow” on Facebook, can even access our inbox and read our private messages. So far the issue went unnoticed as when these applications sought permission, they never mentioned that they can access your inbox. Speaking to The News Minute, Tom says that he stumbled across the error accidentally. “I allowed a third party application, and then realized that they can access my inbox as they were showing the number of messages in my inbox and the like. I tried two more applications run by similar software and found that the inbox is still accessible. This is when I checked Facebook’s applications settings – they had no protection to prevent third party applications from accessing your inbox”. Tom was quick to report about the error in the “White hat” area of Facebook. After this Facebook got in touch with Tom to know more on how he found out about the flaw. Once they saw that Tom’s claim was real, and that there was indeed a privacy lapse, they quickly owned up to their mistake. “The patch has been fixed now, and the bounty is something Facebook gives to people who point out its errors like this. Every bounty has a corresponding amount” Tom says.
Become a TNM Member for just Rs 999!
You can also support us with a one-time payment.