A Facebook security flaw – or, perhaps, a misunderstanding – lets Page admins boot the creator of the original Page from admin status, effectively hijacking the Page, Naked Security reports.
One could argue that this is working as intended: if the creator of a Facebook Page lets someone else in as admin, they have the same administrative rights as them, right? Wrong. Facebook’s FAQ clearly states that “the original creator of the Page may never be removed by other Page admins.”
Unfortunately, as visible in the video embedded below, a newly appointed page admin can remove the Page creator’s admin status, which can be very nasty in certain cases. Today, Facebook Pages are more than fun, they’re a serious part of business promotion and losing administrative access to a Page can lead to host of problems.
Is it a security flaw or simply an error in Facebook’s FAQ? According to the Register, it’s the latter. Ultimately, it doesn’t matter: either way it will confuse users and cause problems, since the FAQ says one thing and the reality is very different.
We’ve asked Facebook for comment but haven’t yet heard from them.
Have you ever had a Facebook Page hijacked by another admin? Please, share your experiences in the comments.
[via Naked Security]
More About: bug, facebook, facebook page, hijacking, pageFor more Social Media coverage:Follow Mashable Social Media on TwitterBecome a Fan on FacebookSubscribe to the Social Media channelDownload our free apps for Android, Mac, iPhone and iPad
Posted on Mon, 05 Sep 2011 12:39:06 +0000 at http://feeds.mashable.com/~r/Mashable/~3/JwHzThSM2Fo/
Comments: http://mashable.com/2011/09/05/facebook-flaw-hijack-page/#comments
One could argue that this is working as intended: if the creator of a Facebook Page lets someone else in as admin, they have the same administrative rights as them, right? Wrong. Facebook’s FAQ clearly states that “the original creator of the Page may never be removed by other Page admins.”
Unfortunately, as visible in the video embedded below, a newly appointed page admin can remove the Page creator’s admin status, which can be very nasty in certain cases. Today, Facebook Pages are more than fun, they’re a serious part of business promotion and losing administrative access to a Page can lead to host of problems.
Is it a security flaw or simply an error in Facebook’s FAQ? According to the Register, it’s the latter. Ultimately, it doesn’t matter: either way it will confuse users and cause problems, since the FAQ says one thing and the reality is very different.
We’ve asked Facebook for comment but haven’t yet heard from them.
Have you ever had a Facebook Page hijacked by another admin? Please, share your experiences in the comments.
[via Naked Security]
More About: bug, facebook, facebook page, hijacking, pageFor more Social Media coverage:Follow Mashable Social Media on TwitterBecome a Fan on FacebookSubscribe to the Social Media channelDownload our free apps for Android, Mac, iPhone and iPad
Posted on Mon, 05 Sep 2011 12:39:06 +0000 at http://feeds.mashable.com/~r/Mashable/~3/JwHzThSM2Fo/
Comments: http://mashable.com/2011/09/05/facebook-flaw-hijack-page/#comments
