The Latest in IT Security

Google+Facebook Equals Time Bomb


An application written to allow integration between Facebook and Google Plus may be all you need to compromise your computer. According to a PCWorld report an application called Google+Facebook used a well known programming worst practice of downloading a JavaScript file upon launch.

If you aren’t real technical and don’t know what this means, I will spell it out for you. This means that when you launch the program you never, ever know what it will do. The reason for this is that a JavaScript is a program and if the server hosting the JavaScript is compromised then the script can be replaced with anything. The application is provided by a company called Crossrider. Crossrider markets an application builder that allows people to build extensions that work in multiple browsers. This does not mean that the extensions are safe to use however.

Allegations about the Crossrider Application include reports that search preferences are altered and signatures may be appended to email in certain situations. There is a lot of wisdom in not being an early adopter of programs that interact with social networking sites.

For Facebook, the only safe thing to do is to totally disable applications as Facebook has a history of utilizing the technology to share information without your knowledge or consent and most Facebook applications cause Facebook to switch from Https to http, potentially exposing your data to others.

Randy Abrams
Director of Technical Education
Cyber Threat Analysis Center
ESET North America

Leave a reply


TUESDAY, JUNE 18, 2024

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments