最近,他們又爆出了一個(gè)特大簍子:很多用戶的密碼竟然是用明文儲(chǔ)存的,員工可以隨意查看……
Facebook is currently investigating the extent to which it accidentally logged and stored unencrypted password data, according to security expert Brian Krebs.
據(jù)安全專家布萊恩·克雷布斯稱,F(xiàn)acebook目前正在調(diào)查其意外記錄并存儲(chǔ)未加密密碼數(shù)據(jù)的事到底有多嚴(yán)重。
This is just the latest in a long line of privacy-related scandals Facebook has endured, further calling into question its ability to keep users secure.
這只是Facebook一長串與隱私有關(guān)的丑聞中最新的一件,這讓人們進(jìn)一步質(zhì)疑其保護(hù)用戶安全的能力。
Citing anonymous sources, the report says Facebook employees built applications that stored password data for between 200 million and 600 million users in plain text on internal servers.
報(bào)告引用匿名人士的話說道,F(xiàn)acebook員工開發(fā)的應(yīng)用程序在內(nèi)部服務(wù)器上以純文本形式為2億至6億用戶存儲(chǔ)密碼數(shù)據(jù)。
More than 20,000 Facebook employees had searchable access to those accounts. The investigation is ongoing, but already the company has found vulnerable data that dates back to 2012, writes Krebs.
超過2萬名Facebook員工可以搜索訪問這些賬戶。這項(xiàng)調(diào)查仍在進(jìn)行中,但是該公司已經(jīng)發(fā)現(xiàn)了可以追溯到2012年的易受攻擊的數(shù)據(jù),克雷布斯寫道。
His source says 2,000 developers and engineers turned up plain text passwords within 9 million data queries. The company allegedly does not know how many passwords were exposed, or for how long.
他的消息來源說,2000名開發(fā)人員和工程師在900萬個(gè)數(shù)據(jù)查詢中發(fā)現(xiàn)了純文本密碼。據(jù)稱,該公司不知道有多少密碼被泄露,也不知道泄露了多長時(shí)間。
Facebook has come under scrutiny for the way it handles user data, and with whom it shares that data.
Facebook因?yàn)槠涮幚碛脩魯?shù)據(jù)的方式,以及與誰共享這些數(shù)據(jù)而受到了密切關(guān)注。
In September 2018, the company revealed an attack on its network that affected the personal data of some 50 million accounts. More recently, Facebook CEO Mark Zuckerberg vowed to take user privacy more seriously and promised more encryption and other privacy tools.
2018年9月,該公司披露其網(wǎng)絡(luò)受到攻擊,影響了約5000萬個(gè)賬戶的個(gè)人數(shù)據(jù)。最近,F(xiàn)acebook的首席執(zhí)行官馬克·扎克伯格發(fā)誓會(huì)更加嚴(yán)肅地對待用戶隱私,并且承諾提供更多加密和其他保密工具。
Critics called into question Facebook’s ability to develop a privacy-centered platform–and the consequences of such a move, since encryption could make it more difficult to track toxic content on the platform.
批評(píng)人士對Facebook開發(fā)以隱私為中心的平臺(tái)的能力,以及此舉的后果提出質(zhì)疑,因?yàn)榧用芸赡軙?huì)加大追蹤平臺(tái)上不良內(nèi)容的難度。
In a conversation with Krebs, Facebook engineer Scott Renfro said users would not likely have to change their passwords, because there was no evidence that employees searched for passwords explicitly.
在與克雷布斯的談話中,F(xiàn)acebook工程師 斯科特·弗蘭洛表示,用戶不太可能需要更改密碼,因?yàn)闆]有證據(jù)表明員工會(huì)明確地搜索密碼。
In a blog post on password security, Facebook noted that it expects to notify, “hundreds of millions of Facebook Light users, tens of millions of other Facebook users, and tens of thousands of Instagram users.”
Facebook在一篇關(guān)于密碼安全的博客文章中指出,它預(yù)計(jì)會(huì)向“數(shù)以億計(jì)的Facebook輕用戶、數(shù)千萬計(jì)的其他Facebook用戶、和數(shù)以萬計(jì)的Instagram用戶”發(fā)出通知。