A design flaw inside Facebook Messenger Kids has up till now allowed children to enter group chats with unauthorised strangers. The latest vulnerability exposes the fact that Facebook failed to accomplish its primary objective of the Messenger Kids app by allowing a way for strangers to take to children.
According to The Verge, Facebook has been sending emails to the concerned parents about a “technical error” that existed inside the Facebook Messenger Kids app. The company told the parents that it has disabled all the group chats which were accessible because of the flaw and has put restrictions in place to prevent group chats like them from being created in the future.
As for how the flaw allowed children to talk to unauthorised users is pretty simple. An approved contact of a child could invite another user into a chat group and this allowed the friend’s other approved friends to talk to each other even if they were complete strangers. What this meant was that even if you only authorised a few contacts for your child to talk to, any of their approved friends will be able to create a group which allowed unapproved users to talk to them, thus letting the child talk to strangers online.
While it hasn’t made an announcement publicly, Facebook has confirmed to The Verge that the alert had been sent to over a thousand parents in the last few days. The reply read “We recently notified some parents of Messenger Kids account users about a technical error that we detected affecting a small number of group chats,” a Facebook representative said. “We turned off the affected chats and provided parents with additional resources on Messenger Kids and online safety”.
Facebook Messenger Kids was launched back in December 2017 and it’s unclear how long this bug had been present for. The app is a version of the original Facebook Messenger but instead only allows children to exchange messages with contacts approved by their parents.
The latest news comes two months after Facebook was found reportedlysharing users’ data without their consent to 100 different telecom companies and phone makers in 50 countries.