funsec mailing list archives
Re: Your Facebook account. Give it to me.
From: Imri Goldberg <lorgandon () gmail com>
Date: Wed, 5 Jan 2011 21:22:08 +0200
On Wed, Jan 5, 2011 at 1:45 AM, Rob, grandpa of Ryan, Trevor, Devon & Hannah <rmslade () shaw ca> wrote:
Any Facebbok app, of course, is allowed to access *all* of your Facebook information. There does seem to be a way to limit access of "remote" apps, but I don't know how effective that is.
Actually, afaik this is not correct. When you write a facebook app, you have to specify which permissions you request on user login. For a list of their extended permissions see http://developers.facebook.com/docs/authentication/permissions For the user, when logging in to the application, a window pops up detailing which permissions are requested and the user can decline. Of course, in such cases you will usually not be using the app. If you were referring to selective blocking of permissions by the user while still using the app, then you are correct. (For example, app requests to see my likes. I "install the app", but it still can't see my likes. Afaik, this isn't possible, but I might be mistaken on this one). Cheers, Imri -- Imri Goldberg -------------------------------------- http://plnnr.com/ - automatic trip planning http://www.algorithm.co.il/blogs/ -------------------------------------- -- insert signature here ----
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Your Facebook account. Give it to me. Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 04)
- Re: Your Facebook account. Give it to me. der Mouse (Jan 05)
- Re: Your Facebook account. Give it to me. silky (Jan 06)
- Re: Your Facebook account. Give it to me. Imri Goldberg (Jan 05)
- Re: Your Facebook account. Give it to me. Joel Esler (Jan 06)
- Re: Your Facebook account. Give it to me. der Mouse (Jan 05)