Facebook fixing forgery bug

Wednesday - 5/19/2010, 8:30am EDT

Cybersecurity Update - Tune in weekdays at 30 minutes past the hour for the latest cybersecurity news on The Federal Drive with Tom Temin and Amy Morris (6-10 a.m.) and The DorobekInsider with Chris Dorobek (3-7 p.m.). Listen live at FederalNewsRadio.com or on the radio at 1500 and 820 AM in the Washington, D.C. metro area.

  • A heads-up for Federal FaceBook users: Facebook is fixing a bug that potentially lets hackers change any user's page or make restricted information available to the public. According to ComputerWorld, the flaw was found last week by M. J. Keith, a security analyst with Alert Logic. He reported it to FaceBook. The bug lies in the way Facebook ensures Web browsers connecting with its servers are the ones they claim to be. Facebook's servers check a certain authentication token before allowing users to change their pages. Keith discovered that by deleting the token from messages, he could change settings on any Facebook account. Tuesday afternoon the bug had not been completely fixed.

  • Connecticut Senator Joe Lieberman plans to include procurement provisions in his new cybersecurity bill. A Democratic aide cited in NextGov says the measure would require acquisition officers to learn about security vulnerabilities in technology products. The staffer, Debrorah Perkinson, says the requirement would shape the security posture in the IT market, because acquisition workers would have better information on product safeguards and deficiencies.

  • About 3,000 communications officers are now cyberspace officers. The Air Force Times reports 30,000 airmen are now digital warriors on the front lines of cyber warfare. The officers made the switch last month; the changeover for 27,000 enlisted airmen happened in November. The Air Force says the transformation from communications to Cyberspace officers will continue computer support and create go-to experts on how a computer or communication network can improve war-fighting capabilities.