Facebook's latest update to its hugely popular mobile app is creating a storm by asking British users if it can access their SMS and MMS messages. Thanks to the fact that Facebook is a US company, it means that the US spooks can tap the social notworking site to read your mails. While many of us can’t imagine what use the NSA will have knowing that my wife is coming home and I need to get more cat litter, there are some companies which should be jolly concerned – particularly now it is known that the US is stealing secrets from foreign organisations.

Facebook simply wants to access more of your data to feed you more targeted ads, although Facebook Android engineer Franci Penov said that it needed to read your SMS’s to automatically intercept login approvals SMS messages for people that have turned on 2-factor authentication. It seems then I was right not to be dumb enough to give Google or Facebook my mobile number as this 2-factor authentication is more of a security nightmare than it is a help.

The reason Facebook needs access to all your messages rather than just from a specific number, is that Android's permissions system does not allow for it to do that. He said that data is not sent back to the company's servers, which means it could not be used to help put adverts in your timeline based on what you have written in your messages.

But in IT security the path to hell is paved with good intentions. It sounds to me that a system which is set up to read SMS messages can be a vulnerability waiting to happen. Assuming that it has not already.