End the Lie

Anti-virus software shows Facebook app stole Android users’ phone numbers without their consent

Decrease Font Size Increase Font Size Text Size Print This Page

By End the Lie

(Image credit: Robert Scoble/Flickr)

(Image credit: Robert Scoble/Flickr)

The mobile anti-virus and anti-malware software produced by Norton discovered that the Facebook application for Android was secretly identifying users’ phone numbers and sending them to Facebook’s servers.

This news is especially interesting given Facebook’s role in the recently revealed National Security Agency (NSA) programs. Indeed, Martin Dempsey, chairman of the Joint Chiefs of Staff, reportedly met with Facebook executives to discuss the program.

Facebook also enjoys a cozy relationship with the intelligence community. The former chief security officer for Facebook left the internet giant for the NSA and the company quite clearly works with government as the latest leaks have shown.

A student group in Europe has also filed a complaint against Facebook over the handling of private data and last year a report revealed that Facebook was spying on smartphone users’ text messages.

In this latest instance of the violation of user privacy, Facebook’s Android application leaked the user’s phone number even before logging in.

This happened the first time the user launched the Facebook application and the number “will be sent over the Internet to Facebook servers.”

“You do not need to provide your phone number, log in, initiate a specific action, or even need a Facebook account for this to happen,” Norton said in an official post.

A “significant portion” of the hundreds of millions of people who have installed the Facebook application were affected, according to Norton, the makers of Symantec.

It’s worth noting that in the past, Symantec has published information on an intelligence gathering virus based on the U.S./Israeli-made Stuxnet worm and one Symantec researcher revealed that the U.S. targeted an Iranian nuclear research facility before it was built. However, last year Symantec also backed CISPA, a highly controversial piece of legislation.

Facebook told Norton that they “investigated the issue and will provide a fix in their next Facebook for Android release.”

“They stated they did not use or process the phone numbers and have deleted them from their servers,” Norton stated in the post.

Far more worrisome, however, is the fact that Norton says it is not the only application guilty of leaking private data.

“Unfortunately, the Facebook application is not the only application leaking private data or even the worst,” the company said. “We will continue to post information about risky applications to this blog in the upcoming weeks.”

Google Play has a quite abysmal privacy history. Earlier this year it was reported that Google was sending highly personal information to application developers without users consent or knowledge.

Just nine days ago, it was also reported that Facebook leaked the contact information of some six million users.

I’d love to hear your opinion, take a look at your story tips and even your original writing if you would like to get it published. Please email me at [email protected]

Please support alternative news and help us start paying contributors by donating, doing your shopping through our Amazon link or check out some must-have products at our store.

3 Responses to Anti-virus software shows Facebook app stole Android users’ phone numbers without their consent

  1. Pingback: » Anti-virus software shows Facebook app stole Android users’ phone numbers without their consent Eyes Open Report

  2. Mannard July 1, 2013 at 1:57 PM

    Not that I don’t believe Facebook would steal users’ data (Since after all, they are the NSA) – But who in their right mind would trust Norton? Symantec is an evil company who would chop down a 500 year old tree to make a parking space (and has).

  3. Jairod July 1, 2013 at 3:36 PM

    I knew this was happening when FACEBOOK asked me if my number was ***-***-****. And indeed it was but i did not acknowledge the fact.


Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>