The BBC has been able set up a malicious application that can steal details of not only your information but the people you’re connected with. This is because in Facebook, applications have permission to ‘walk the tree’ of your friend contact details, letting the apps do things like populate the list of people for you to forward to, when you choose to “forward this and see what happens.”
We have discovered a way to steal the personal details of you and all your Facebook friends without you knowing.
The article is worth reading. Wow, good job British hax0rz! I won’t say “the sky is falling” because this has been pretty well-known among the geek-o-rati for a long time. BBC notes MySpace apps run on MySpace’s servers, giving MySpace a much clearer idea of what an application is doing with the data.
Perhaps the media attention this is sure to draw will move FB to a more secure model. One can hope.