View As
Just a few months ago, Facebook announced in a security update that a "security issue" had affected over 50M users' accounts, following up thereafter with additional technical details. If you have a Facebook account, you might recall being forcibly logged out around then, which was a defense mechanism, if belated; you can also check if attackers gained access to information associated with your Facebook account.
Answer the below in view.md
, each in no more than two sentences in your own words.
Questions
-
(2 points.) What’s an access token?
-
(2 points.) What bugs enabled attackers to obtain, potentially, your access token?
-
(2 points.) Why, presumably, did Facebook forcibly log users out?
-
(2 points.) How do session cookies (e.g., Flask’s) differ from access tokens?
Debrief
-
Which resources, if any, did you find helpful in answering this problem’s questions?
-
About how long, in minutes, did you spend on this problem’s questions?