Facebook Stored Hundreds of Millions Passwords in Plain Text, Thousands of Employees Had Access

[smithrh]

Every turd knows you salt the password and hash it and never ever store anything other than the hash. The password should never even have been transmitted to Facebook, but that’s a whole other story.

These guys should be shut down.

Yep.

Yes. At this point, storing non-hashed passwords should be a criminal offense. Period. The CEO and Chief Engineer of any firm doing it should get jail time for it. That will stop it. This isn't rocket science either, the protocols to make this kind of thing impossible are pretty well known.

Yep.

No one, but *no one* stores passwords in plain text accidentally. *NO ONE.*

This is otherwise known as "poisoning the well".

Facebook is covering its tracks for something nefarious it did or helped the government do, that's all.

"We or the government did some bad **** using a user's password on another site, but look! Passwords to do so were stored in plain text! Wasn't us, it was, um, hackers! Yep!"

This is all very standard stuff.

Even though this is a brand new poster, I think they're on to something here.

To NOT salt passwords is very very odd.

 

[Zedcars]

Facebook? People still use that thing?

Are people completely ignorant of their immorality and laissez-faire attitude towards security and privacy, or do they just not care?

 

[dammyonline]

Delete Facebook? Where are you going to go? Google+?

This made me lol

 

[charlituna]

Almost as bad as MacOS no root password.

not really. because to exploit the root password bug you had to have access to a computer with root access enabled. which means being in front of the computer or a computer where the user turned off the defaults that block remote access.

with this 'exploit' anyone with that list can access your account. so that's tons of facebook employees, anyone they sold the list to and so on

 

[luvbug]

Delete Facebook? Where are you going to go? Google+?

So you feel that FB, or equivalent, is a life necessity? My God, what have we done? If the people you communicate with on FB are, actually, friends, have them install Signal and create a group with those folks. Bam! Share vids, pics, audio, text interesting links, ALL ENCRYPTED end-to-end. No logging, open source, audited. There are actually *very* good alternatives to FB, but *you* have to *do* something. Therein lies the rub, I guess.

 

[gaximus]

Delete Facebook? Where are you going to go? Google+?

Why do we have to go anywhere?

 

[dontwalkhand]

I dont feel bad for Zuckerberg for a second over the autobahn speed dumpster fire car crash that is Facebook that none of us can look away from.

Karma is so frigging beautiful. And to think, the demise of Zuck/FB is only in its earliest phase. Popcorn.gif

Good luck with that new privacy-centric platform pitch too, credible Lizardman!

He'll be lucky to go the way of Tom; irrelevant. In more likelihood, jail time and litigation issues / scandals piling up until his old age. He certainly will not have gotten the last laugh, proverbially speaking.

I think in the end, Tom wasn't just everyone's friend on MySpace, he was indirectly everyone's friend IRL.

The platform caving on itself was a great 'avante-garde' gift to humanity; Nobel Peace Prize worthy imo!

And while I engage in debate often in polarizing pol threads, I think we *all* can rally behind the fact both sides are equally furious (for different reasons) at Facebook... Maybe thats the sort of common ground unity we need?

Maybe with the fall of Facebook bulletin board sites like ex: macrumors etc will rise again. Facebook is the reason why BB sites went by the wayside except for larger sites like this one.

 

[reden]

Delete Facebook and delete your accounts

How? I thought it as impossible even if you did “delete” it.

 

[sw1tcher]

Delete Facebook? Where are you going to go? Google+?

Why does anyone have to use anything?

 

[blacktape242]

class action in 3....2....1.... ?????

 

[Porco]

I wondered why I had gotten so many ads for horses, batteries and staples lately...

 

[MoreRumors?]

Delete Facebook? Where are you going to go? Google+?

Google+ is going to be closing down soon.

 

[sw1tcher]

Delete Facebook and delete your accounts

Delete Facebook after you've already given them your data? LMAO.

So you delete Facebook. Okay, so that takes care of your user-generated content.

But what about the data on you that your friends and family members have provided to Facebook and who have not deleted their Facebook accounts yet?

And there's also the logged data Facebook keeps.

For-eh-ver.

See https://www.cbsnews.com/news/ok-youve-deleted-facebook-but-is-your-data-still-out-there/

Facebook has two types of databases of user content, according to Paul-Olivier Dehaye, co-founder of PersonalData.IO, a service that helps consumers track their data.

One collects user-generated content, such as status updates and photos.

The other is for log data -- a record of what a user does, such as when they log in, click on a Facebook group or post a comment.

"When you delete your account, all the user generated content is normally erased (although there are small exceptions), while all the log data is preserved – forever." The preserved log data won't have your name attached to it.

One catch: Data about consumers posted by friends and family members will remain with the service as long as they remain on the social-media service, according to Facebook's Help Center. "Keep in mind that information that others have shared about you is not part of your account and will not be deleted when you delete your account," Facebook says in its data policy.

 

[dontwalkhand]

Hah, there is no worse game company (although Bethesda is getting there), but I don't think EA is destroying our society.


I don't think Amazon is that bad. I don't put their listening devices in my home, and they are putting the squeeze on local businesses, but I don't think Amazon is destroying the very fabric of our society in how we communicate, learn, and lose our privacy. But they definitely need to be watched carefully. I am no longer going to buy an EERO when I upgrade to mesh when WiFi 6 is widely available since they bought it. But I'd rather use Alexa and all of that stuff than FaceBook's creepy box.

I suggest skipping mesh entirely and going straight to enterprise equipment! I went with a Sonicwall and SonicPOINT APs and never looked back. Most reliable WiFi ever.

 

[mudflap]

iMessage, Apple News, Twitter, real life social interaction...

Those are nothing like Facebook, though.

 

[dontwalkhand]

Those are nothing like Facebook, though.

Right. They’re better.

 

[mi7chy]

not really. because to exploit the root password bug you had to have access to a computer with root access enabled. which means being in front of the computer or a computer where the user turned off the defaults that block remote access.

with this 'exploit' anyone with that list can access your account. so that's tons of facebook employees, anyone they sold the list to and so on

Yes, really. They're both local exploits (internal access only FB DB) but MacOS gives you root access while FB gives user access so not as bad.

 

[Seanm87]

GAWD I HATE this company.
Who even still has a FB account?

Over 2 billion people

 

[0947347]

Honest question: Is there a worse company than FaceBook?

Not the same category, but definitely
MONSANTO. So far Facebook didn’t manage to literally kill millions of people, like Monsanto did.

 

[nzcatfood]

Seriously, WTF is wrong with this godforsaken company?! It has never understood the concept of user privacy and is continually apologising for supposed privacy mistakes.

 

[MoreRumors?]

I don't believe what FB says anymore...

 

[mudflap]

Right. They’re better.

None of them let me keep in touch with my family and friends that live in other states or across the ocean, letting us share photos, memories and stories. I'm not looking for a way to meet new people and neither are my family and friends. We just want to stay in the loop with each other.

So instead of snark, maybe come up with a real, viable recommendation?
[doublepost=1553200326][/doublepost]

Monsanto. So far Facebook didn’t manage to literally kill millions of people, like Monsanto did.

Monsanto has not killed millions of people. Christ almighty.

 

[drumcat]

Honest question: Is there a worse company than FaceBook?

Spirit Airlines.

 

[macduke]

I suggest skipping mesh entirely and going straight to enterprise equipment! I went with a Sonicwall and SonicPOINT APs and never looked back. Most reliable WiFi ever.

Interesting. Haven't thought about that. Sounds pricey but so is mesh. We have gigabit now in our area and I'd like to be able to broadcast it all over my house at near full speed, which is about 3000sqft.
[doublepost=1553202468][/doublepost]

Spirit Airlines.

Haven't heard about why you would think that. Have heard about many of the United horror stories. I flew with Spirit once several years ago, I think to Houston. It was nice and inexpensive when we traveled. Are they killing pets and beating up people like United?

 

[amaze1499]

Delete Facebook? Where are you going to go? Google+?

Google+ will be discontinued in the beginning of April due to lack of acceptance according to a google status update I got recently via email.