Wednesday, 7 December 2011

Facebook fixes bug that allowed access to private pictures

Facebook has fixed a bug that briefly allowed users to access others users' private photos, even if their profile pages were locked down. The bug was spotted in the site's tool that allows users to report offensive content. However, clicking on a user's profile pictures, then reporting it to Facebook as 'nudity or other inappropriate content', prompted the site to show other photos from the user's account and ask whether they were offensive as well



According to reports, the bug was first spotted by the reader forums for BodyBuilding.com. The discussion was reportedly removed from the website later, however, users were found commenting about the glitch in other comment threads.
Facebook was quick to respond to the bug and issued a statement soon after it was highlighted. Acknowledging the glitch, Facebook said that very few users were affected by it. Facebook, however, did not reveal precise number of users affected.
A number of Facebook users have their profile pages locked. Only profile picture data is normally visible for display. Users who exploited this flaw reported a profile picture as 'nudity or pornography', which further directed to the reporting tool to display the images.
Some private photos of Facebook chief executive and founder Mark Zuckerberg were also accessed with this exploit. A Facebook spokesperson said that a bug was “discovered in one of our reporting flows” that allowed users to report multiple instances of inappropriate images, posts, or other content. The bug was discovered in “one of our most recent code pushes”, but pointed out that the code was live “for a limited period of time”.
image courtesy: zdnet.com
The bug comes days after the Federal Trade Commission asked Facebook to be more transparent about its privacy policies. Zuckerberg asserted that his company had made “a bunch of mistakes” on the privacy front and vowed to overhaul its policy, giving users more control of their information on the social networking site.
In a detailed blog post on the social networking site, Facebook founder and chief executive says that he had founded the company on an idea that people are willing to share and connect with others, but “to do this everyone needs complete control over who they share with at all times”.

No comments:

Post a Comment