December 6, 2011, 3:47PM
Facebook Fixes Complaint Feature Abused To Bypass Photo Privacy, Zuckerberg Among Victims
2 Comments
Facebook has fixed a critical flaw in a user feedback feature that allowed any user to access private photos posted in other users accounts. Before it was fixed, the flaw was used to hack the account of Facebook CEO Mark Zuckerberg and post photos online.
The social network responded quickly after a post in a discussion forum on bodybuilding.com detailed a method for using a feature to report suspicious content to bypass privacy protections on other Facebook users' accounts. The company issued a statement Tuesday afternoon saying the bug was created in a "recent code push" and was only available for a short period of time before it was patched.
"Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed," Facebook said in an e-mail comment.
Zuck Exposed -: Photos Like This One Were Snatched From The Facebook CEO's Account
But not before the photo albums of Facebook CEO Mark Zuckerberg were compromised using the flaw. A total of thirteen photos from Zuckerberg's account were downloaded on posted on the Web site imgur.com.
In its statement, Facebook said the privacy of users' data "is a top priority for us, and we invest significant resources in protecting our site and the people who use it."
The company recently settled a case with the U.S. Federal Trade Commission (FTC) that will require the company to be more forthcoming about how it protects the privacy of photos and other personal information its users post. The company will also have to submit to privacy audits every two years.
In recent months, the social network has made efforts to improve its image on security and privacy. It announced a bug bounty in August 2011 and has taken pains to make its security process more transparent.
"We hire the most qualified and highly-skilled engineers and security professionals at Facebook...we continue to work with the industry to identify and resolve legitimate threats to help us keep the site safe and secure for everyone," the company said in a statement.
Recommended Reads
Commenting on this Article is closed.
Today's Most Popular
- Yahoo Includes Private Key in Source File For Axis Chrome Extension
- Researchers Unveil New Way to Trust Certificates
- FBI Warns Top Firms Of Anonymous Protest Hacks on May 25
- DNSChanger Lingers: 330k Systems Still Infected, 77,000 In The U.S.
- Defense Contractor Northrop Grumman Hiring For Offensive Cyber Ops
Most Commented Stories
Newsletter Sign-up
Take Our Poll
The Internet Crime Complaint Center recently warned of malware targeting travelers connecting to Wi-Fi. When traveling, do you
Connect to anything
21%
Only connect to password-protected, secure connections
39%
Only use websites with HTTPS
27%
I don’t pay attention to how I access the internet while traveling
13%
Total votes: 70
Follow Threatpost
 |  |  |  |
| Tumblr |
Comments
lighting orange nova plaid burberry cashmere scarf by way of example. I do think and ofcourse precisely what outfits anyone don to check this specific lighting orange burberry scarf. This specific tone on this scarf can be delicated, you should discover a firm just for this orange angel meticulously. Cashmere burberry scarf sale throughout lighting coloring may be wonderful, if you preserve burberry scarf wide open, you'll be able to only don burberry scarf lighting orange quite satisfied all-around guitar neck, allow it to go deal with your current guitar neck along with chest muscles, in case you want to key way up coat pertaining to temperature, fine, many of us propose anyone don burberry scarves outside the house your current receiver collar, you already know, affordable burberry scarf sale must be deal with your current back, which often can cause you to be search special, elegant along with weak, whoa, you'll be able to stimuluate your security want throughout adult men!