The following is why there will not be a facebook connect on my site. We may allow Open ID connect in the future; Open ID is the only single sign-on that would be considered. Forget Facebook, Twitter, Microsoft, google+ and any other.
Note the part that stated the bug has been live for a whole year; and they just now fixed it because it was brought to their attention.
"A Facebook security bug exposed users’ personal contact information (email or phone number) to other users who were connected to them; the bug has affected 6 million accounts.
“When people upload their contact lists or address books to Facebook, we try to match that data with the contact information of other people on Facebook in order to generate friend recommendations,” the security team wrote in a blog post published today.
“Because of the bug, some of the information used to make friend recommendations and reduce the number of invitations we send was inadvertently stored in association with people’s contact information as part of their account on Facebook,” the post continued. “As a result, if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection.”
A Facebook spokesperson tells me the bug has been live since last year, and was discovered last week. Facebook says the security team fixed the bug less than 24 hours after it was brought to their attention."
