When two sisters and their mother logged into Facebook using their mobile phones they each ended up in someone else's account.
San Francisco--Last weekend Candace Sawyer typed in Facebook .com into her Nokia smart phone. She wasn't asked her user name or password but was taken immediately into an unfamiliar account. She saw a picture of the page's owner and said with a laugh, "He's white -- I'm not."
Sawyer asked her sister, Mari, and their mother, Fran, to see if they would have the same problem if they logged into Facebook on their phones. Mari was taken into another woman's page. Fran had never used her phone to access Facebook and she was taken into a woman's page from Indiana. They sent an email to one of their accounts so they could prove what happened.
Freep.com reports Candace Sawyer saying, "I thought it was the phone -- 'Maybe this phone is just weird and does magical, horrible things and I have to get rid of it.'
The women who live in East Point, Ga, had the same model phone and they used AT&T
After Sawyer reported the problem to Facebook and AT&T she contacted the Associated Press.
The glitch was a routing problem at AT&T. There is a little known security flaw where the Internet lost track of who was who and the women were put into the wrong accounts.
According to theledger.com reports Michael Coe a spokesman for AT&T said that its wireless customers have landed in the wrong Facebook pages in "a limited number of instances" and that a network problem behind those episodes is being fixed.
There was a flaw in the infrastructure that connects the phones to the Internet.
Nathan Hamiel, founder of the Hexagon Security Group, a research organization said,The fact that it did happen is proof that it could potentially happen again and with something a lot more important than Facebook."
According to Coe these women ran into a different glitch. Coe said their investigation found the problem was a "misdirected cookie."e." Some Web sites use a file that is called a cookie that is placed on computers to store information that would include the user name that Facebook members members enter to access their page.
Coe said their technicians couldn't figure out how the cookie had been routed to the wrong phone, which led to the women accessing the wrong Facebook account.
Chris Wysopal, co-founder of Veracode Inc., a security company, said some Web sites would be immune to this type of mix-up such as those that use encryption. "A Web browser would have trouble deciphering the encryption on a page that a computer user didn't actually seek."