2.2 bn Facebook users must log out, re-login across devices: Experts
New Delhi, Sep 29 : After Facebook admitted that hackers broke into nearly 50 million users' accounts by stealing their "access tokens" or digital keys, cyber experts on Saturday warned over 2.3 billion users to log out and log back into Facebook, or any of third-party apps that use Facebook login.
Facebook has reset the access tokens of almost 50 million accounts it knew were affected. It has also taken the precautionary step of resetting access tokens for another 40 million accounts that have been subject to "View As" look-up in the last year.
"For now, logging out and back in is all that is necessary. The truly concerned should use this as a reminder and an opportunity to review all of their security and privacy settings on Facebook and all other social media platforms," Chester Wisniewski, Principal Research Scientist with global cyber security major Sophos, told IANS.
According to Dr Gary McGraw, Vice President of Security Technology, Synopsys (Software Integrity Group), this breach emphasises just how important software security is, and how subtle solid security engineering can be.
"When a feature like 'View As' can be turned on its head into an exploit, it indicates a design problem that led to unanticipated security vulnerability," noted Dr McGraw.
"Design flaws like this lurk in the mind boggling complexity of today's commercial systems, and must be systematically uncovered and corrected when software is being designed and built," he added.
If you've ever wondered what keeps you logged into your account even after you restart your laptop/browser - those are access tokens (cookies).
They maintain a constant session even when your IP changes.
"In this case, hackers were able to steal these tokens, which basically means the hacker could fool Facebook servers to believe they are the authorised users of the target's account that would give the attacker, complete access of the target's account," said Saket Modi, CEO and Co-Founder of Lucideus, an IT risk assessment and digital security services provider.
According to experts, they don't know for how long the vulnerability existed, who the hackers were and the extent of damage that might have been caused in terms of stealing not only one's profile data but, in this case, potentially the personal messages, pictures and chats, among others.
"As a precaution, all Facebook users must log out and re-login into all the gadgets that they have their Facebook session active like your cell phone (app or browser), laptop and desktop, etc," Saket Modi advised.
Facebook said it does not know who is behind this massive security attack.
"We're working hard to better understand these details and "we will update this post when we have more information, or if the facts change," said the company.
In the Cambridge Analytica scandal, data of nearly 87 million people was breached upon.
Let the Truth be known. If you read VB and like VB, please be a VB Supporter and Help us deliver the Truth to one and all.
Fascism will not be allowed to enter through the back door of vote rigging: CM Siddaramaiah
New Delhi: Chief Minister Siddaramaiah on Sunday asserted that fascism would not be allowed to enter India “through the back door of vote rigging” and called upon citizens to collectively defend the country’s democratic foundations.
Speaking after participating in an anti–vote rigging protest organised in New Delhi, Siddaramaiah said the gathering was not merely a political demonstration but a stand to protect Indian democracy. “We have come to the heart of our republic not as Congress workers or voters, but as protectors of Indian democracy,” he said.
Emphasising the importance of the right to vote, Siddaramaiah said it was the most sacred right guaranteed by the Constitution and the very foundation of democracy.
“Through voting, a farmer shapes the future of his children, a worker safeguards his dignity, a youth realises dreams, and a nation expresses its collective will,” he said.
He accused the BJP-led Union government of attempting to undermine this right through what he termed systematic vote rigging, including the alleged misuse of the special revision of electoral rolls. “This power is being stolen repeatedly,” he alleged.
ALSO READ: Bantwal police arrest two men for illegal sale of narcotics, seize two vehicles, 810 gm ganja
Warning against authoritarian tendencies, Siddaramaiah said history had shown that dictatorship does not begin with violence but with the misuse of institutions and manipulation of democratic systems.
“Across the world, authoritarian regimes pretend to protect democracy while quietly subverting it. This is what the BJP is doing today,” he charged.
He alleged that the ruling party was controlling institutions, intimidating electoral machinery, distorting voter lists, suppressing voter turnout in opposition strongholds, and misusing money and power. “This is not mere maladministration. Vote rigging is an attack on the very idea of India,” he said.
Siddaramaiah further claimed that governments formed through “stolen votes” could not be considered democratic.
“Such regimes survive through fear, fraud and distortion of the people’s mandate,” he said, adding that vote rigging posed the biggest threat to the republic since Independence.
Praising Leader of the Opposition in the Lok Sabha Rahul Gandhi, Siddaramaiah said he had shown exceptional courage in exposing alleged irregularities in voter lists, booth-level manipulation and “systematic, organised vote rigging” across several states, including Karnataka, Haryana and Bihar.
Referring to Karnataka, Siddaramaiah cited Mahadevpura and Aland constituencies as examples highlighted by Gandhi. In Mahadevpura, he said, thousands of allegedly fake and fraudulent voter entries and discrepancies in electoral rolls pointed to a narrow BJP victory. In Aland, he said, attempts were made to remove the names of legitimate voters ahead of the 2023 Assembly elections.
ALSO READ: Chamrajnagar: Woman arrested for selling ganja atop Male Mahadeshwara Hills
He noted that a Special Investigation Team (SIT) had recently filed a chargesheet accusing seven persons, including a former BJP MLA and his son, of attempting to delete the names of around 6,000 voters in Aland.
“This is a significant legal step in the fight against vote rigging,” he said.
Siddaramaiah concluded by stating that the fight against vote rigging was rooted in constitutional morality, Ambedkarite thought and the core principle of democracy. “Sovereignty belongs to the people, not to any party, regime or those who seek to steal elections,” he said.
