Facebook, as we all know, is far from a perfect system. Bugs, loopholes, flaws – the site has had its fair share of them over the years. With every new update to the code, it’s highly possible that some discrepancy could crop up and cause quite a bit of trouble. In fact, as it turns out, there has been a security flaw that allowed people to view private photos by exploiting the ‘report photo’ feature.
Facebook implemented a new feature which allowed people to report multiple instances of inappropriate content all at once. Basically, if you go to a person’s profile, look for a photo and then report it for whatever reason (usually nudity or pornography) then you will be given the option to “take action by selecting additional photos to include with your report”. The feature in itself makes complete sense. There’s a good chance that someone who has one ‘questionable’ photo would have more in his account. Unfortunately, the feature also gives the one reporting a window into the person’s private photos.
When Facebook caught wind of the bug, they immediately disabled the feature and removed it, promising that they would simply reinstate it once the bugs are fixed.
Unfortunately for CEO Mark Zuckerberg, though, a blogger got to the bug before his company did and used it to get a rather poignant message across:
“It’s time to fix those security flaws, Facebook…”
The blogger didn’t even have to write anything to support his statement, the thirteen supposedly “private” photos of Mark Zuckerberg archived on the blog spoke for themselves.
Before anyone gets hopeful, though, be informed that none of the images were particularly scandalous and were, in fact, highly tame. The CEO of Facebook seems to have a rather good grasp of how to behave in a social network.
There were some photos of Mark Zuckerberg playing with his dog, making some sushi, standing around with his girlfriend, posing with a group of friends – nothing out of the ordinary at all. They were completely safe to post online, publicly or privately.
Still, even if the photos were completely benign, there’s still the fact that photos which were supposed to be private were made public. The scope of the damage could have been far worse for other users. Also, the bug came at a very bad time for Facebook, as the company is currently under heavy scrutiny from the FTC.
This incident is another example of why you don’t trust sensitive data or compromising photos to privacy settings alone. A pretty good rule of thumb is to never post anything online that you wouldn’t mind being exposed to the world.