Let’s hope security is better this time around. Facebook has brought back most of a popular feature that was the target of a massive hack last year.
Called “View As Public,” or View As for short, the feature allows account holders to see what their profiles look like to people they are not friends with. Apparently, people really are interested in how they look to strangers or exes and even potential employers. But at what cost?
This year, Facebook has had a number of missteps in how it collects, uses and stores users’ personal information. Is it playing with fire by bringing back this potentially risky feature?
Hackers exploit vulnerability in View As code
In September 2018, Facebook announced that View As Public was hacked and up to 50 million accounts had been breached.
By exploiting a vulnerability in the feature’s code, hackers were able to grab users’ access tokens, allowing them to take over people’s accounts. While the access tokens are not users’ passwords, they do allow people to log onto an account without needing a password.
At the time of the hack, Facebook reset the access tokens and asked 90 million users to log back onto Facebook in order to protect their accounts.
Two weeks after the initial announcement, Facebook reported the hack affected 29 million users’ accounts. At the time, the company said the hackers turned out to be spammers trying to get personal information to use for marketing purposes.
After the hack attack, Facebook suspended the View As feature until it worked out the coding issues.
Facebook brings back View As with an added feature
Eight months after removing View As, Facebook said earlier this week that the feature is back. It announced the news as an update to its original September 2018 blog that discussed the hack.
“We have completed our security review and are re-enabling the version of the ‘View As’ feature that lets people see what their profile looks like to people they aren’t friends with on Facebook. This version was unaffected by the security incident and was significantly more popular than ‘View as Specific Person.’”
The View As Specific Person feature allowed users see how their profiles looked for a particular friend. Along with not being as popular as View As, Facebook decided not to restore the View As Specific Person function because it is trying to simplify the feature.
As part of the re-launch, Facebook has added an “Edit Public Details” button on users’ profile pages. The button allows users to make edits to their View As profiles.
The new View As comes weeks after Facebook announced it was splitting the service into two distinct areas. That’s all we need, right…more Facebooks!?!?