Facebook doesn’t think hackers accessed third-party sites


Facebook says it has not found any evidence “so far” that its attackers accessed third-party sites through Facebook Login.

It’s a sliver of good news about a massive data breach that the company first disclosed last week. Attackers accessed as many as 50 million accounts in the largest such breach of Facebook’s network.

“We have now analyzed our logs for all third-party apps installed or logged during the attack we discovered last week. That investigation has so far found no evidence that the attackers accessed any apps using Facebook Login.” said Facebook’s Guy Rosen in a statement.

On Friday, Facebook (FB) announced unknown attackers had exploited a vulnerability to access the accounts. They were able to view other people’s Facebook profiles as if they were the accounts’ owners. For example, they could see friends’ profiles and updates.

Facebook says it closed the loophole on Thursday night, but 90 million users were forcefully logged out of their accounts as a precaution.

The attackers stole Facebook “access tokens,” which keep a person logged into their Facebook account over long periods. Facebook reset all 50 million tokens, as well as tokens for an additional 40 million people who had used the “view as” feature in the past year as a precautionary step.

During a call about the hack last week, Rosen said the attackers would have also been able to access third-party sites using Facebook Login, but the company had found no evidence of them doing so.

Hundreds of sites and apps including Tinder, Spotify and Airbnb use Facebook Login, which lets people access the services with their Facebook username and password. Early this week, developers were confused about whether their services had been exposed in the Facebook hack.

The company says partners following Facebook “best practices” were automatically protected. Some developers might not have followed those rules, and they could have put their users at risk.

“We’re sorry that this attack happened — and we’ll continue to update people as we find out more,” Rosen said.

— CNN’s Donie O’Sullivan contributed reporting.

CNNMoney (San Francisco ) First published October 2, 2018: 7:13 PM ET



Source link

High Court decides ‘Palace letters’ written during the Whitlam dismissal can be accessed by historian Jenny Hocking


Historian Jenny Hocking has won her High Court bid to access the letters exchanged between then governor-general Sir John Kerr and the Queen around the time of the dismissal of the Whitlam government.

Until now, the National Archives of Australia had refused to release the documents, known as the “Palace letters”, saying they were private papers.

But Professor Hocking told the High Court correspondence between a governor-general and a monarch was the property of the Commonwealth, and not private.

In a majority ruling, the High Court agreed with Professor Hocking, and found the letters to be Commonwealth records.

“I’m absolutely delighted,” Professor Hocking said.

Letters could provide insight into Whitlam government dismissal

Gough Whitlam speaks on the Parliament House steps
Gough Whitlam speaks outside Parliament House in Canberra after his government’s dismissal on November 11, 1975. The release of the Palace letters may shed light on what happened.(Australian Information Service/National Library of Australia: nla.pic-an24355082)

Today’s ruling means Professor Hocking will finally be able to view the letters, which could hold important information about Australia’s history.

The reasons for the dismissal of the Whitlam government in 1975 have long been debated, and these letters may provide clarity about what the Queen knew about Australia’s greatest constitutional crisis.

“It’s a story that has been absolutely clouded in secrecy, in distortion and in so much unknown,” Professor Hocking said.

Alongside the correspondence between the Queen and Sir John known as the “Palace letters”, the National Archives also holds telegrams and attachments like newspaper clippings, exchanged between August 15, 1974 and December 5, 1977.

The material was deposited in 1978, after Sir John left the office, by Sir David Smith, the official secretary to the governor-general.

The letters were due for release 12 years ago, but, because they had been marked as “private” correspondence rather than “Commonwealth records”, they were not covered by the rules binding Commonwealth documents.

“Without this High Court decision, we were in the most extraordinary situation where pivotal historical documents were kept in our own archives and embargoed by the Queen,” Professor Hocking said.

“This historic decision has overturned that. It reasserts Australian law over Australian archives and it also challenges … royal secrecy, where the activities of the monarch have been able to be shrouded in secrecy through the notion of confidentially and personal records.”

End of a long battle for Hocking

A woman wearing glasses.
Professor Jenny Hocking has won her High Court bid.(AAP: Peter Rae)

Today’s win comes after a series of court battles, since Professor Hocking first sought access to the letters in 2016.

Professor Hocking had already lost a Federal Court bid to overturn the decision to keep the letters private, which was made by the National Archives.

During the High Court hearing in February, Professor Hocking acknowledged the long legal process, but she was delighted to have had the case heard by the highest legal court in Australia.

“It’s about our history, it’s about our knowledge of our history, but it’s also about having control over our own national archival resources,” she said.

Professor Hocking’s lawyers told the High Court that the documents were created and received by the governor-general as part of his official job, and therefore were the property of the Commonwealth.

“[The] evidence did not show that any person who dealt with the records or similar correspondence between a governor-general and the Queen perceived that the Australian copy of those records was the personal property of the person who was governor-general,” the submissions read.

The High Court was also told there was a constitutional issue if a governor-general were to derive personal property in his communications with the Queen while in office.

Sir John Kerr speaks in front of a microphone in the middle of the SCG during the 1974 NSWRL Grand Final.
The letters between Sir John Kerr (pictured) and the Queen can now be accessed.(National Library of Australia/Ern McQuillan)

The judgement was delivered in Brisbane this morning, because COVID-19 restrictions have prevented the bench to travel to the High Court of Australia in Canberra. 

Professor Hocking received the news in Melbourne, and is planning to travel to Canberra to access the letters soon.

“I really look forward to going into the archives next week and speaking to the director-general … and ensuring that I can see all 211 of these Palace letters as soon as the National Archives reopens,” she said.

“But as biographer and a historian, what is most pleasing to me is that we will have sorts of documentation that we need to write accurate history.”



Source link