Technology briefs

Facebook apps leaked data, no evidence of misuse

NEW YORK — Security firm Symantec has discovered a security flaw in Facebook that inadvertently gives advertisers and other outside parties access to people’s accounts. But Facebook said it has fixed the problem and found no evidence that any private information was shared with any outside party.

Symantec said Tuesday that the outside parties may not even have realized that they were able to access users’ profiles, photos and chats. The problem was leaking “access tokens,” which are akin to spare keys that let apps access your profile if you gave them permission, Symantec researcher Nishant Doshi said in a blog post.

Doshi estimates that some 100,000 applications were enabling the data leak as of April. Over the years, however, hundreds of thousands of applications may have accidentally leaked millions of access tokens to outside parties.

Most of the access tokens used on Facebook expire after two hours. But Doshi said an application can also request and use offline access tokens, which are valid until users change their passwords.

The leaky apps had been using an old version of Facebook’s authentication method. The current one doesn’t have this problem, and Facebook is moving app makers to the new system, said Kevin Haley, director of security response at Symantec.

Users who are concerned can change their Facebook passwords, which has the effect of changing the lock on a Facebook profile. But Haley said users shouldn’t be overly worried.

“The potential is very large but we have no evidence that anyone did anything with this capability,” he said.

In a prepared statement, Facebook said its advertisers and developers are prohibited from obtaining or sharing user information in a way that violates the company’s policies.

Groupon, Live Nation form online-ticket deal site

NEW YORK (AP) — Concert promoter Live Nation Entertainment Inc. and online deal site Groupon are forming a venture to develop an online ticketing deal website called GrouponLive.

Financial terms were not disclosed. The site is expected to go live ahead of the summer concert season.

Groupon, a rapidly growing service based in Chicago that offers hundreds of daily discounts in 500 markets, and Los Angeles-based Live Nation, which acquired Ticketmaster last year, say the site will offer deals on tickets to concerts, sports, theater, arts and other live events.

Led by Groupon, daily-deal ticket sites have proliferated over the past year.

“Our success is based on selling tickets and filling seats and GrouponLive gives us another platform to achieve this,” Live Nation CEO Michael Rapino said in a statement.

Live Nation boosted ticket sales in the first three months of the year thanks to price cuts and a slew of A-list acts going on sale, including U2, Prince and Lady Gaga. But sales in mid-April started to slow, which may lead to more discounted tickets.

Last year, North American concert revenue fell 8 percent to $4.25 billion, hurt by weak consumer demand and high ticket prices, according to trade magazine Pollstar. This year, Live Nation is booking fewer shows and cutting prices for seats that are far away from the stage.

Rapino said more artists are trying to make back-row seats cheaper so more fans can attend shows.