Risk
7/3/2012
11:57 AM
Connect Directly
RSS
E-Mail
50%
50%

Facebook To Fix Smartphone Email Snafu

Android and iOS users report some contacts are being forcibly updated to an "@facebook.com" email address.

5 Social Networks To Achieve 10 Business Tasks
5 Social Networks To Achieve 10 Business Tasks
(click image for larger view and for slideshow)
Have your smartphone contacts' email addresses been automatically updated to make their "@facebook.com" email addresses the new default? If so, you're not alone.

"Some smartphone users, particularly those using older Android devices, are reporting that their on-phone address books have been silently updated to make @facebook.com email addresses the default way to send a message to their contacts," said Graham Cluley, senior technology consultant at Sophos, Tuesday in a blog post.

Some iOS 6 beta testers have reported similar issues. "This is presumably because one of iOS 6's features is greater synchronization for the iPhone/iPad with Facebook," he said.

[ Despite its disappointing IPO, does Facebook have potential for future greatness? Read more at The Second Coming Of Facebook. ]

Related bug reports have been appearing recently on online forums. "This morning my mother was complaining that many of the email addresses in her Droid Razr contacts had been replaced with Facebook ones," read one such post to Hacker News. "It would seem the Facebook app had been populating her address book with emails and contact photos and decided to migrate all her Facebook-using contacts over to this convenient new system."

Tuesday, a Facebook spokeswoman confirmed that the social network is working on a fix for two problems--one involving synchronizing contacts on mobile devices, and another relating to Facebook Messaging.

In terms of contact synchronization, which is performed using an API, the spokeswoman said via email, "For most devices, we've verified that the API is working correctly and pulling the primary email address associated with the users' Facebook account. However, for people on certain devices, a bug meant that the device was pulling the last email address added to the account rather than the primary email address, resulting in @facebook.com addresses being pulled."

"We are in the process of fixing this issue and it will be resolved soon," she continued. "After that, those specific devices should pull the correct addresses."

Meanwhile, Facebook is also working to resolve a messaging-related issue that could result in people's Facebook messages going undelivered, without the sender receiving a notification that the message hadn't been delivered. "If someone sends you an email to your @facebook.com email address and it's from an address associated with a Facebook friend or friend of friend's accounts, it will go into the inbox," the Facebook spokeswoman said. "If it's from an address not associated with a friend or friend of friend's Facebook account, it will go into your other folder. However, if you've specified in privacy settings that you only want to receive messages from friends or friend of friends, then the message will bounce." "We've noticed that in a very limited number of cases, the bounce e-mail back to the original sender may not be delivered because it may get intercepted by spam filters," she said. "We are working to make sure that e-mail senders consistently receive bounce messages."

Pending fixes aside, Sophos' Cluley advised all Facebook users to review which of their email addresses the social network is currently listing, especially in the wake of Facebook recently changing all users' default email addresses to "@facebook.com" based on the URL of their public profile. "I would still strongly recommend checking that you are happy with what email addresses (if any) you are showing on your Facebook profile, and whether you want to sync your smartphone's address book with the site," he said.

New apps promise to inject social features across entire workflows, raising new problems for IT. In the new, all-digital Social Networking issue of InformationWeek, find out how companies are making social networking part of the way their employees work. Also in this issue: How to better manage your video data. (Free with registration.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
ANON1245867443530
50%
50%
ANON1245867443530,
User Rank: Apprentice
7/4/2012 | 2:38:26 AM
re: Facebook To Fix Smartphone Email Snafu
Yeah, that's what happens when you give personal data to inept bunglers like Facebook. This policy alone should've made it clear that we're dealing with amateur hour: http://goldmanosi.blogspot.com...
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-0334
Published: 2014-10-31
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source.

CVE-2014-2334
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

CVE-2014-2335
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2336.

CVE-2014-2336
Published: 2014-10-31
Multiple cross-site scripting (XSS) vulnerabilities in the Web User Interface in Fortinet FortiManager before 5.0.7 and FortiAnalyzer before 5.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-2334 and CVE-2014-2335.

CVE-2014-3366
Published: 2014-10-31
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka Bug ID CSCup88089.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.