Feb. 23, 2009

Posted by in Facebook, General | No comments

You Don’t Say

Sophos, an IT security firm, has warned that the Error Check System application, while apparently harmless, could potentially have been used by rogue developers to steal the personal information of Facebook members. (Telegraph)

Readers of this blog should be well-aware of the potential danger.  I personally think the “Error Check System” application is a brilliant example of what I and others have warned about for quite a while – an application that appears harmless and spreads quickly, yet can easily harvest user data along the way.  Users can go back and disable the application, but it only takes the first authorization for the application to access and store a user’s profile information.  For anyone who’s already tried to use the Error Check System, the damage has already been done.

Of course, the application may, in fact, be harmless.  How can we find out?  Only Facebook can tell what data the application actually retrieved, but even then there’s no way to know if it was consequently stored on another server.  Once again, TOS provisions on user data are unenforceable.

And once again, I hope this incident raises awareness of the current dangers with social networking applications.

By the way, if anyone finds a current link for the application, I want to install it on a test account and check out its code, so please pass on the URL to theharmonyguy at Gmail.

Leave a Reply