Very few students receive a highly sought after internship from Facebook, but for those lucky enough to be chosen as part of the internship program their future is filled with success.
Recently Aran Khana, a student at Harvard University was granted an internship from Facebook, and did the unthinkable. He created an application exposing security vulnerabilities in Facebook messenger, and he was booted from the internship program as a result. Now the internet is up in arms about his rescinded invitation to be a part of the Facebook team, and the importance of the information that the student exposed.
How Does This Vulnerability Leave Facebook Messenger Users In Danger?
The application is designed to allow users pinpoint others using Facebook messenger exact locations. It is aptly named Marauders Map (http://newsroom.fb.com/news/2015/06/a-new-way-to-send-a-location-in-messenger/), after the map in the popular ‘Harry Potter’ book series which allows its users to see locations of other students on the map. Although the App began trending almost immediately after its release, it revealed a serious error on Facebook’s part. The app stems from the messenger function (http://newsroom.fb.com/news/2015/06/a-new-way-to-send-a-location-in-messenger/) which allows users to send their locations to contacts.
What Is Being Done to Correct the Issues?
Rather than discontinue archiving locations, Facebook has added a feature which allows users to be opt to having their locations known. Khana describes the way that Facebook chose to handle the odd situation they were presented with, “Nine days after the release, Facebook made sharing geo-location data an opt-in feature, allowing users to select to share personal geolocations in Facebook Messenger, although all historical geo-location data is still archived and shared.”
For Khana the lack of concern for privacy among Facebook Messenger users are alarming. He is hoping that eventually users will become concerned, and Facebook can change their policy, or adopt new programming that doesn’t catalogue all of the locations of their users, “The results of the study suggest sufficient public attention may be necessary for redress of reported privacy.”
The Fate of the Student Who Lost a Job With Facebook
In a paper that he published online Khana details what it is exactly that he revealed through developing his application. “Noticing a lack of significant public response to the visible nature of geo-location data on Facebook Messenger, despite media coverage dating back to 2012, I hypothesized that users were either (1) not aware, or (2) not concerned about the collection and visibility of their geo-location data on the app.”
Khana developed the app with intention of allowing Facebook messenger app users to see exactly how they are being tracked while using the Facebook messenger application, and the response was overwhelming according to Khana, “My tool has been downloaded over 85,000 times since its release, and more than 170 global news publications linked to my post.” He goes on address the attention he received directly from Facebook “During the first three days after release of the geo-location mapping tool, Facebook also responded by demanding that I take down the tool, which I did.”
Facebook’s only response to the astounding lack of privacy of their users is to let Khana go as an intern. Khana may never have the chance to work for Facebook again, but given the attention he has received for his findings, chances are he won’t find himself unemployed after graduating from Harvard University.
