Facebook appears to have U-turned on plans to allow external websites to see users’ addresses and mobile phone numbers.
Security experts pointed out that such a system would be ripe for exploitation from rogue app developers.
The feature has been put on “temporary hold”, the social networking firm said in its developers blog.
It said it needed to find a more robust way to make sure users know what information they are handing over.
Read more on BBC.
Over on Naked Security, the blog that first alerted everyone to new development, Chester Wisniewski writes:
The best solution would be to permit users to provide this data, via a dropdown or checkbox, when they choose to add an application, but it should not be required. Users who want the convenience that Facebook is offering should be able to choose to share their information, but those of us who are more security conscious should be able to opt out and elect to type it in when necessary.
Facebook has been pushing the boundaries of privacy for a long time, but despite the uproar, few in the community have abandoned the service. It is great news that Facebook is responding to the outrage about this recent change, but I wonder if most users will be satisfied with their eventual solution.
Read more on Naked Security.