Facebook asked some users for their email passwords, because why not

by
Sean Gallagher
from Ars Technica - All content on (#4CDXE)
GettyImages-1074353570-1-800x534.jpg

Enlarge / Sorry. (credit: Bloomberg/Getty Images)

As company executives try to rebrand Facebook as a privacy company, the company is still apparently struggling to instill a privacy culture internally and with third-party developers. As Kevin Poulson of the Daily Beast reported on April 2, some new Facebook users were being asked to provide both their email address and their email password in order to register accounts.

And in a blog post today, researchers from the cloud security firm UpGuard reported that they had discovered two publicly accessible caches of Facebook user data created by third-party applications that connected to the Facebook platform. Both caches were hosted by Amazon Web Services' Simple Storage Service (S3) in the AWS public cloud.

Password, please

The email password practice was first noticed by a software developer and information security expert who goes by the handle "e-sushi":

Read 7 remaining paragraphs | Comments

index?i=itjRDSUcifc:s3EJVx810VI:V_sGLiPB index?i=itjRDSUcifc:s3EJVx810VI:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments