Facebook flaw briefly exposes private photos, including CEO Mark Zuckerberg's
If you have any private photos on Facebook that you really don't want out there, consider this story your fair warning to delete them. A flaw in the social networking site's reporting mechanism allows users to peer into content that is otherwise marked "private". Now would be a good time to remove that pic of drunken you mooning the boss.
The flaw was first widely reported on the forums of bodybuilding.com, a popular fitness site. The post -- since removed -- details the exploit. Proceed through the menus after reporting an image as inappropriate. When the dialog asks if you want to report any other images in the album, click "yes". All images, whether public or private, will be displayed.
BetaNews has confirmed the flaw, with varying degrees of success in exploiting it. In any case, Facebook has since fixed the issue, according to a statement from the company.
"The bug, was a result of one of our most recent code pushes and was live for a limited period of time", the site explains. "Not all content was accessible, rather a small number of one’s photos. Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed".
No fix was fast enough for CEO Mark Zuckerberg, though. Those bodybuilding.com forum users who discovered the hack posted 14 private images of Zuckerberg's to image sharing website Imgur.com. The album, received over 100,000 views as of Tuesday afternoon.