Facebook closes loophole that exposes private photos

facebook eye

Facebook has disabled parts of it abuse report system that allowed users’ private photos to be viewed by anyone.

The problem, according to a Facebook spokesperson, was due to recent changes to its abuse report system, which allowed any user to flag a number of photos in another user’s album that he or she deemed “inappropriate,” even if the user filing the abuse report was not friends with the user with the private photos.

“Earlier today, we discovered a bug in one of our reporting flows that allows people to report multiple instances of inappropriate content simultaneously,” said a Facebook spokesperson, in an email to Digital Trends. “The bug allowed anyone to view a limited number of another user’s most recently uploaded photos irrespective of the privacy settings for these photos.  This was the result of one of our recent code pushes and was live for a limited period of time. Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed.”

facebook-zuckerberg-chickenThe loophole was originally uncovered on the forum of BodyBuilding.com, by user ThePoz, a 6-foot 5-inch 205-pounder from Syracuse, New York.

The patch did not come quickly enough for at least one user, however: Facebook co-founder Mark Zuckerberg. Thanks to some security wall-jumping sleuths at Hacker News and Reddit (where the BodyBuilding.com thread was posted and made widely visible), a number of Zuckerberg’s personal photos are now rapidly making their way around the Web.

Prior to its closing, the loophole worked like this: Go to the photos page of a user who is not your friend. Click on the “Report/Block” tab, and select “Inappropriate Profile photo.” After going through a number of pop-up windows, users who select to “Help us take action by selecting additional photos to include with your report,” were then allowed to pick other photos from that user’s albums. A little clever copy/paste of an image’s URL, and voila, private photos for all to see.

This is only the latest privacy flub Facebook has had to deal with since its launch in 2006. Just last week, Facebook settled with the Federal Trade Commission, which had accused the popular social network of engaging in “unfair and deceptive” privacy practices. The terms of the settlement require Facebook to receive explicit consent from users before changing any privacy settings, and to subject itself to independent audits of its privacy system for the next 20 years.

Because of this scrutiny, Facebook was quick to reiterate its commitment to user privacy, and it’s ability to keep private user data safe.

“The privacy of our user’s data is a top priority for us, and we invest lots of resources in protecting our site and the people who use it,” said Facebook’s spokesperson. “We hire the most qualified and highly-skilled engineers and security professionals at Facebook, and with the recent launch of our Security Bug Bounty Program, we continue to work with the industry to identify and resolve legitimate threats to help us keep the site safe and secure for everyone.”

Computing

After rocky start, Windows 10 October 2018 update is finally available to all

The Windows 10 October 2018 update is now available for everyone to download. After a serious bug derailed its initial release, the update is back and users are now able to check for it through Windows Update.
Smart Home

Ring, Amazon’s smart doorbell maker, explores technology that alerts police

Smart doorbells have been using facial-recognition technology to mark friends and family but a pair of patents filed by Ring could lead to doorbells that automatically identify suspicious persons and notify police.
Computing

Latest Facebook bug exposed up to 6.8 million users’ private photos

An API bug recently left an impact on Facebook users. Though the issue has since been fixed, some of the apps on the platform had a wrongful access to consumers photos for 12 days between September 13 and September 25. 
Wearables

Our favorite fitness trackers make it fun to keep moving

Looking for your first fitness tracker, or an upgrade to the one you're already wearing? There are plenty of the wrist-worn gadgets available. Here are our picks for the best fitness trackers available right now.
Social Media

What do yodeling and Kylie Jenner have in common? YouTube’s top 2018 videos

In a true nod to the variety found on YouTube, the platform's top 10 list of videos from 2018 range from celebrities to sports, from perfectly tossing a picture frame on the wall to a kid yodeling in aisle 12 at Walmart.
Home Theater

It took Tom Cruise to raise awareness of this troublesome TV setting

Tom Cruise, in an unexpected PSA tweet, asks you to turn off motion interpolation on your TV, but stops short of how to do it. Here's more on the topic, along with links to a guide on how to rid your TV of the dreaded "soap opera effect."
Business

Amazon scouted airport locations for its cashier-free Amazon Go stores

Representatives of Amazon Go checkout-free retail stores connected with officials at Los Angeles and San Jose airports in June to discuss the possibility of cashier-free grab-and-go locations in busy terminals.
Computing

Make a GIF of your favorite YouTube video with these great tools

Making a GIF from a YouTube video is easier today than ever, but choosing the right tool for the job isn't always so simple. In this guide, we'll teach you how to make a GIF from a YouTube video with our two favorite online tools.
Social Media

Snapchat facial recognition could soon power a new portrait mode, code suggests

Digging into Snapchat's code suggests a handful of upcoming camera features, including a portrait mode. The feature appears to use facial recognition A.I. to blur the background. The code also suggests an updated camera interface.
Computing

Google+ continues to sink with a second massive data breach. Abandon ship now

Google+ was scheduled to shut its doors in August 2019, but the second security breach in only a few months has caused the company to move its plan forward a few months. It might be a good idea to delete your account sooner than later.
Social Media

Walkie-talkie voice messaging finally comes to Instagram

In its latest grab from messaging apps, Instagram now lets you send walkie-talkie style voice messages. Apps such as Facebook Messenger, WhatsApp, Snapchat, and iMessage have offered the feature for some time.
Social Media

‘YouTube Rewind 2018’ is about to become its most disliked video ever

YouTube is about to achieve a record it really doesn't want — that of "most-disliked video." Yes, its annual recap of featuring popular YouTubers has gone down really badly this year.
Social Media

GIF almost anywhere with Giphy’s new keyboard and sticker maker

We all love GIFs, but not every app supports them. Fortunately, the new Giphy' keyboard brings GIFs to any iOS app that supports multimedia. The update also comes with a new tool for creating animated stickers.
Social Media

#ThrowbackThursday is only the start: Instagram hashtags for every day of the week

Not getting your hashtag fill with #ThrowbackThursday or #ManCrushMonday? Here's a list of some of the more popular Instagram hashtags, so you can outfit your next post with the proper tag, regardless of what day it is.