2.2 bn Facebook users must log out, re-login across devices: Experts
New Delhi, Sep 29 : After Facebook admitted that hackers broke into nearly 50 million users' accounts by stealing their "access tokens" or digital keys, cyber experts on Saturday warned over 2.3 billion users to log out and log back into Facebook, or any of third-party apps that use Facebook login.
Facebook has reset the access tokens of almost 50 million accounts it knew were affected. It has also taken the precautionary step of resetting access tokens for another 40 million accounts that have been subject to "View As" look-up in the last year.
"For now, logging out and back in is all that is necessary. The truly concerned should use this as a reminder and an opportunity to review all of their security and privacy settings on Facebook and all other social media platforms," Chester Wisniewski, Principal Research Scientist with global cyber security major Sophos, told IANS.
According to Dr Gary McGraw, Vice President of Security Technology, Synopsys (Software Integrity Group), this breach emphasises just how important software security is, and how subtle solid security engineering can be.
"When a feature like 'View As' can be turned on its head into an exploit, it indicates a design problem that led to unanticipated security vulnerability," noted Dr McGraw.
"Design flaws like this lurk in the mind boggling complexity of today's commercial systems, and must be systematically uncovered and corrected when software is being designed and built," he added.
If you've ever wondered what keeps you logged into your account even after you restart your laptop/browser - those are access tokens (cookies).
They maintain a constant session even when your IP changes.
"In this case, hackers were able to steal these tokens, which basically means the hacker could fool Facebook servers to believe they are the authorised users of the target's account that would give the attacker, complete access of the target's account," said Saket Modi, CEO and Co-Founder of Lucideus, an IT risk assessment and digital security services provider.
According to experts, they don't know for how long the vulnerability existed, who the hackers were and the extent of damage that might have been caused in terms of stealing not only one's profile data but, in this case, potentially the personal messages, pictures and chats, among others.
"As a precaution, all Facebook users must log out and re-login into all the gadgets that they have their Facebook session active like your cell phone (app or browser), laptop and desktop, etc," Saket Modi advised.
Facebook said it does not know who is behind this massive security attack.
"We're working hard to better understand these details and "we will update this post when we have more information, or if the facts change," said the company.
In the Cambridge Analytica scandal, data of nearly 87 million people was breached upon.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Prez nod for FIR against AAP's Manish Sisodia, Satyendar Jain in Rs 2,000-cr classroom 'scam'
New Delhi, Mar 13 (PTI): President Droupadi Murmu has given her approval for the registration of an FIR against AAP leaders Manish Sisodia and Satyendar Jain in an alleged scam of Rs 2,000 crore in the construction of classrooms in Delhi government schools, sources said.
In 2022, the Delhi government's vigilance directorate recommended a probe into the alleged scam and submitted a report to the chief secretary.
The President has given her approval for registering the FIR against Sisodia and Jain in connection with the alleged scam during their tenures as ministers in the Arvind Kejriwal-led Delhi government, the sources said.
The Central Vigilance Commission (CVC), in a report dated February 17, 2020, highlighted "glaring irregularities" in the construction of classrooms in Delhi government schools by the Public Works Department (PWD).
The President's approval came under Section 17A of the Prevention of Corruption Act that pertains to "enquiry or inquiry or investigation of offences relatable to recommendations made or decision taken by public servant in discharge of official functions or duties".
Reacting to the development, senior AAP leader Saurabh Bharadwaj accused the BJP of carrying out a witch-hunt against its political rivals.
The BJP has no interest or intention to fulfil the promises it made to the people of Delhi. Its only agenda is to carry out a witch-hunt against its political rivals to stifle the voice of people, the former minister said in a statement.
The BJP-led central government has already decided to prosecute every political adversary of the party and grant approvals to move the case forward but it should wait for the judicial process to begin, he said.
In July 2019, BJP leader Harish Khurana and then AAP rebel MLA Kapil Mishra, now a minister in the Delhi government, lodged a police complaint about the alleged scam.
According to a report prepared by the Anti-Corruption Bureau (ACB) of the Delhi government, the complainants alleged that there was a scam worth over Rs 2,000 crore in the construction of classrooms and school buildings in Delhi. The work was done at a highly inflated cost by the Delhi government.
The alleged scam involves the construction of around 12,748 classrooms.
The ACB report said the total expenditure incurred for constructing the classrooms and school buildings was around Rs 2,892.65 crore. They were allegedly constructed at the rate of Rs 8,800 per square feet, whereas it was common knowledge that the average construction cost (even for a builder of flats) was around Rs 1,500 per square feet.
The total cost for constructing a classroom and school building, according to the tender awarded, was allegedly around Rs 24.86 lakh per room, whereas such rooms are easily constructed in Delhi at around Rs 5 lakh per room, it said.
The prices were increased almost five times to defraud the taxpayer by siphoning off money from the public exchequer in the garb of construction cost, the report said.
Even for a 5-star hotel, top ultra-luxury quality construction is around Rs 5,000 to Rs 5,500 per square feet, it said.
The complainants submitted a copy of documents in which information received under the RTI Act in respect of the construction of 18 classrooms in the Govt Girls Senior Secondary School, Nathupura, Burari (school ID:-1207111) revealed that they were constructed at a cost of Rs 12 crore, the ACB report said.
