AT&T fixes bug that logged users into random Facebook accounts
Nilay Patel|January 18, 2010 11:04 PM
Okay, so we were under the impression that Facebook login credentials were a locally-managed affair, but it looks like almost anything can break when AT&T's involved -- according to CNET, the carrier just fixed "several problems" that had users logging into the wrong Facebook account from their phones. The issue was apparently related to subscriber identification numbers being mistranslated into bad URL session IDs, and AT&T says it's taken some security measures to prevent it from happening again, while Facebook's just shut off the automatic login feature that used the ID number entirely. Excellent work all around. Unfortunately, there's also a pesky incident in Atlanta where someone was able to login to another Facebook account from an AT&T phone due to a bad cookie, but AT&T says that was an "isolated" case and that it's "unclear how this cookie was set on the phone." How very reassuring. Back to Friendster!