Facebook Breaks Major Websites With Redirection Bug

johnsnails writes "Some of the biggest news sites in the world disappeared yesterday when Facebook took over the internet with a redirection bug. Visitors to sites such as The Washington Post, BuzzFeed, the Gawker network, NBC News and News.com.au were immediately transferred to a Facebook error page upon loading their intended site. It was fixed quickly, and Facebook provided this statement: 'For a short period of time, there was a bug that redirected people logging in with Facebook from third party sites to Facebook.com. The issue was quickly resolved, and Login with Facebook is now working as usual.'"

Single point of failure

[Anonymous Coward]

Recently we have seen very widespread "single point of failure" issues. Notably with Facebook and Apple who are both so pervasive in society. These firms are constantly doing major and complicated software updates and those updates are propagated either invisibly in the background or introduced through "voluntary" software updates where you don't get major new features unless you do the update and you have to simply live with whatever bugs or feature cripples come along with it.

The fact so many people are dependent on these very small number of very human folks is a large "single point of failure" risk for society and its individual, business, and government segments.

JJ

Re:Um... How?

[belthize]

I suspect horrible article is the main culprit. At a guess I suspect this is nothing more that Facebook's authentication service failing.

Client is directed to Facebook for authentication, mechanism fails, Facebook tosses up error page. The implication that Facebook did anything wrong other than having buggy authentication is likely way of base.

Full disclosure, don't have a facebook page, never visited a facebook page, have zero interest in facebook.

It Has Its Ups and Downs

[eldavojohn]

can we please stop relying on third parties for things *you* should be providing to your users.

Clearly it has benefits and disadvantages. One of the disadvantages is displayed in this story. I could name a decent amount of benefits though: 1) you don't have to register again and again every time you want to use some site. 2) you don't suffer from password fatigue. 3) you don't have to worry about no talent ass clowns storing your username and password in plaintext (although you do have to worry about facebook being no talent ass clowns about that). 4) if I just want to stand up a quick little site that is nothing more than CRUD associated to users then all that login stuff can be offloaded to facebook or whomever. 5) from a large corporation standpoint, you can now get additional social data about your users from the facebook api (I know, this isn't necessarily an advantage for the end user and is best viewed as double edged).

Are you opposed to openID too [wikipedia.org]?

Re:Um... How?

[Anonymous Coward]

The Steam browser is a nice example of facebook javascript gone wrong. Every page with a "like" script on it redirects to some facebook address as soon as the page finishes loading. The end result is that you see what you wanted to see, but the URL bar is always some sort of lenghty facebook redirect because Steam is trying to load it somehow but fails and leaves you on the page you wanted to visit anyway.

What's also interesting...

[raehl]

...I got this bug on a website I do *NOT* use Facebook to log into, so the Facebook statement appears incorrect in that regard. (I was logged into Facebook in that browser though.)

Re:It Has Its Ups and Downs

[whargoul]

...what else is so ubiquitous as to be a reasonable option that also doesnt suffer the same essential problems (certainly not a google account?)

I use Twitter when the option is available only because they don't collect data on me like facebook does. If it's facebook only, I usually won't sign up.

Re:It Has Its Ups and Downs

[DragonWriter]

Even though ultimately facebook is probably a bad choice for it, what else is so ubiquitous as to be a reasonable option that also doesnt suffer the same essential problems (certainly not a google account?)

OpenID. Sure, a provider having a similar error could stop users of that provider from logging on to your site, but its not a single point of failure for the entire site, its a single point of failure for the user and all the sites they use it to log into.

Re:so...

[CastrTroy]

I know a guy who does this. He pulls in about $50 a month with a site that basically runs itself. The only reason I don't do it is because the "ads" he ends up generating money off of are the kind that pay out when the visitor to his site installs a tool bar or some other nefarious thing. The only reason I wouldn't do that is that I don't think it's ethically correct to lure people into installing stuff they don't want on their computer. But I imagine that someone who's ambitious enough, and who sets up enough sites could generate quite a bit of money like this.