Facebook mobile app security hole does not require jailbreak access
Earlier today, security researcher Gareth Wright revealed the discovery of a security hole in the Facebook app running on Android and iOS mobile devices. The simple 'hack' allows users to copy plain text configuration files off the device and thus effectively 'stealing' credentials / gaining unauthorized access to accounts on that iOS device.
Facebook was quick to respond with a statement that sort of indicated that you'd only be vulnerable to this if you were running a jailbroken device. The Next Web however has discovered that this is entirely false, as getting access to the file system is possible without jail breaking through tools like iExplore.
Unfortunately, some articles have already been written that emphasize the jail breaking aspect of this, when in fact it only makes it slightly more vulnerable and does nothing to change the fact that non-jailbroken phones are also vulnerable though physical access to the device is of course still required.
- Tue, 2012-03-20 07:09
- Mon, 2013-05-20 23:55
- Thu, 2013-04-25 06:24