Facebook squashes bug that let anyone delete any picture or animation

Facebook 3D posts
If you’re putting your life out there on Facebook, then you’re probably hoping your priceless images remain around for all posterity. At the very least, you want to be the one to remove them from the site should you decide they contradict your recent conversion to Buddhism. Fortunately for you and every other Facebook user, a bug was discovered and fixed that would have allowed anyone to easily delete your pictures and animated GIFs.

As reported by Security Week, the flaw was identified by Iranian security researcher Pouya Darobi, who was taking a look at a new Facebook polling feature and discovered a simple method for deleting any image or animation posted on Facebook. Thanks to Facebook’s generous bug bounty program, which put $10,000 in Darobi’s bank account, the bug was promptly reported and Facebook implemented a temporary fix on November 3, the day the bug was reported. A permanent fix came out on November 5.

At the heart of the program was a new polling feature that Facebook rolled out at the beginning of November. The feature allows users to create polls and add pictures and GIF animations. The poll creation process generates code that includes the unique image identification number for each picture and animation that is included with the poll.

If the poll post was subsequently deleted, then the images were deleted as well. The problem was caused by the ability to replace the image ID in the code with that of any other image on Facebook, including images owned by other users. Deleting the post deleted those images as well.

This is not the first bug that allowed users to delete Facebook materials. Other bugs have been discovered by researchers, like Darabi, that allowed the deletion of comments, videos, and photos. Like this bug, the method in many instances revolved around simply replacing the asset ID.

Darabi has made a pretty penny reporting bugs to Facebook, with a bug reported in 2015 that netted him $15,000 from the social media giant and $7,500 for another bug reported in 2016. All told, Facebook has shelled out well in excess of $5 million in its bug bounty program. It’s enough to make you want to spend some time locking down your Facebook account.

Computing

Windows on a Chromebook is a dead dream, but something better could replace it

Recent code updates posted in Chromium Gerrit indicate that Google has canceled Project Campfire, ending its plans to let Chromebooks dual boot Windows and Chrome OS. Is hope all but lost on this popular feature?
Deals

The best Amazon Prime Day 2019 deals: Everything you need to know

Amazon Prime Day 2019 is still a few months off, but it's never too early to start preparing. We've been taking a look at the best discounts from previous Prime Days to give you our predictions of what to expect this year.
Social Media

Save me: How to download Instagram photos from any device

Browsing photos in Instagram is one thing, but saving them is another. Until recently, it wasn't easy to get your pics and data off the 'gram and saved elsewhere, but now you can download Instagram photos with just a few clicks.
Social Media

Twitter sorry for mistakenly storing and sharing some users’ location data

Twitter has revealed that a bug led to it accidentally storing and sharing location data for a number of iOS users. The issue, which has now been fixed, affected those operating more than one Twitter account from the app.
Movies & TV

Prime-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Computing

Zombieload forces a choice between performance and security. What will you do?

Intel has handled the recent discovery of a security vulnerability in its CPUs with confidence, a contrast to its reaction to Spectre and Meltdown. But with ZombieLoad, performance and security seem to be at odds, and you have to choose.
Product Review

Microsoft’s Surface Laptop 2 launched last year, but already feels old

Released in fall of 2018, the Surface Laptop 2 was competitive at the time but now must deal with new competitors that were announced at CES 2019. How does the popular Surface Laptop 2 hold up six months later?
Computing

The Dell XPS 13 headlines the best laptop deals for May 2019

Whether you need a new laptop for school or work or you're just doing some post-holiday shopping, we have you covered: These are the best laptop deals going right now, from discounted MacBooks to on-the-go gaming PCs.
Computing

Is Threadripper dead? If so, AMD has made a huge mistake

Think Threadripper is dead? Think again. AMD's flagship CPU line might not be on this year's roadmap, but it's not dead and could well bring some amazing new enhancements when it returns.
Social Media

6 easy ways to archive all of your favorite Instagram videos

Saving Instagram videos should be just as easy as taking a screenshot. So, we've put together a list of the best apps and tools that save your favorite Instagram videos onto your phone or computer.
Computing

Cybercrime gang that stole $100M busted in international effort

A major cybercrime gang that used powerful malware to steal an estimated $100 million from bank accounts has been dismantled following an international effort that spanned six countries.
Computing

G-Sync is a game-changer. These are the best monitors with Nvidia's display tech

Looking for a monitor that plays well with Nvidia GPUs? You need G-Sync and we have picked the best G-Sync monitors available. Take a look and find out which monitor works best for your PC upgrade.
Computing

Microsoft is discounting this Surface Laptop 2 by a sweet $300

Microsoft is offering a nearly 14-inch Surface Laptop 2 with 256GB of storage at a $300 discount until May 18, 2019. The laptop comes with a PixelSense display, and Intel Core i5 processor and a 720p HD camera.
Product Review

Looking for discrete graphics on the cheap? The Acer Swift 3 will do the trick

The Acer Swift 3 is a tweener laptop that’s not quite budget and not quite premium – and it feels and performs accordingly. It manages to hold its own, though, thanks to its discrete GPU.