2.2 bn Facebook users must log out, re-login across devices: Experts
New Delhi, Sep 29 : After Facebook admitted that hackers broke into nearly 50 million users' accounts by stealing their "access tokens" or digital keys, cyber experts on Saturday warned over 2.3 billion users to log out and log back into Facebook, or any of third-party apps that use Facebook login.
Facebook has reset the access tokens of almost 50 million accounts it knew were affected. It has also taken the precautionary step of resetting access tokens for another 40 million accounts that have been subject to "View As" look-up in the last year.
"For now, logging out and back in is all that is necessary. The truly concerned should use this as a reminder and an opportunity to review all of their security and privacy settings on Facebook and all other social media platforms," Chester Wisniewski, Principal Research Scientist with global cyber security major Sophos, told IANS.
According to Dr Gary McGraw, Vice President of Security Technology, Synopsys (Software Integrity Group), this breach emphasises just how important software security is, and how subtle solid security engineering can be.
"When a feature like 'View As' can be turned on its head into an exploit, it indicates a design problem that led to unanticipated security vulnerability," noted Dr McGraw.
"Design flaws like this lurk in the mind boggling complexity of today's commercial systems, and must be systematically uncovered and corrected when software is being designed and built," he added.
If you've ever wondered what keeps you logged into your account even after you restart your laptop/browser - those are access tokens (cookies).
They maintain a constant session even when your IP changes.
"In this case, hackers were able to steal these tokens, which basically means the hacker could fool Facebook servers to believe they are the authorised users of the target's account that would give the attacker, complete access of the target's account," said Saket Modi, CEO and Co-Founder of Lucideus, an IT risk assessment and digital security services provider.
According to experts, they don't know for how long the vulnerability existed, who the hackers were and the extent of damage that might have been caused in terms of stealing not only one's profile data but, in this case, potentially the personal messages, pictures and chats, among others.
"As a precaution, all Facebook users must log out and re-login into all the gadgets that they have their Facebook session active like your cell phone (app or browser), laptop and desktop, etc," Saket Modi advised.
Facebook said it does not know who is behind this massive security attack.
"We're working hard to better understand these details and "we will update this post when we have more information, or if the facts change," said the company.
In the Cambridge Analytica scandal, data of nearly 87 million people was breached upon.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
When is Modi govt going to pay Karnataka's MGNREGS workers their wages, asks Cong
New Delhi (PTI): Attacking the Modi government over key issues in Karnataka, the Congress on Monday questioned the "delay" in the vital Bagalkote-Kudachi Railway line project and also asked when it is going to pay the state's MGNREGS workers their wages.
Congress general secretary Jairam Ramesh posed questions to Prime Minister Narendra Modi ahead of his rally in Bagalkote in Karnataka.
"Why has the Modi Government failed to deliver the Bagalkote-Kudachi Railway line? Why is the Modi Government holding up the Upper Bhadra and Mahadayi projects? When will the PM pay Karnataka's MGNREGA workers?" Ramesh said in a post on X.
Elaborating on what he said were "jumla details", Ramesh said the Bagalkote-Kudachi line of the South-Western Railway has now been delayed by more than eight years.
As of today, only 33 per cent, or 46 km of the 142 km line has been completed, he said.
"Originally sanctioned in 2010-11 at an outlay of Rs 986 crore, the project has now seen its cost balloon to Rs 1,649 crore. Originally supposed to be completed in March 2016, the project is now slated for completion in 2027," Ramesh claimed.
Despite the Karnataka government providing the land for the project free of cost, and contributing 50 per cent of the construction cost, the Modi government has "failed" to deliver on this project, he said.
"Why is this vital rail project facing an 11 year delay? Is it attributable to the Modi Sarkar's incompetence or to its anti-Karnataka tendencies?" Ramesh said.
He further said that in the last year's Union Budget, the Modi government had proudly announced a 5,300 crore grant for the Upper Bhadra Project but more than a year later, state Revenue Minister Krishna Byre Gowda has revealed that not a "single paisa" of this grant has been released.
"During his assembly election campaign, PM Modi had also claimed to resolve long-standing issues with the Mahadayi-Kalasa Banduri Nala Project. Yet, earlier this year, clearance for the project has been deferred by the Union Ministry of Environment, Forests and Climate Change," Ramesh said.
These projects are crucial to expanding drinking water and irrigation access in a state that has been reeling under a severe drought, he noted.
Why has the Modi Government neglected these essential infrastructure projects, Ramesh asked.
"What vendetta does the PM have against the people of Karnataka?" the Congress leader said.
He said that in order to help alleviate the drought-related stress on the rural economy, the Karnataka government has sought to increase the number of working-days under the Mahatma Gandhi National Rural Employment Guarantee Scheme (MGNREGS) from 100 to 150.
"There is a provision in the scheme to do so during periods of drought. However, the Modi Sarkar has not only failed to approve the extension of the scheme, it has also failed to release Rs. 1600 crore towards the payment of wages to those working under MGNREGS," Ramesh said.
When is the Modi government going to pay Karnataka's MGNREGS workers their wages, Ramesh asked.
