E-mail updates
Follow on Twitter
Subscribe to RSSA glitch in the system used to report inappropriate images on Facebook briefly allowed users to view others' private photos. No one's pictures were safe — not even those belonging to Facebook founder and CEO Mark Zuckerberg.
Members of the BodyBuilding.com forums were among the first to discover the glitch and they quickly put together detailed instructions on how it could be exploited by those wishing to view private images of friends and strangers.
It didn't take long for a link to those instructions to make its way around the Internet and for folks to start snooping on their former lovers, enemies, teachers, bosses, employees ... and on Facebook's own Mark Zuckerberg.
Imgur
Private photos belonging to Facebook founder and CEO Mark Zuckerberg were revealed as a result of a recent glitch in the system used to report inappropriate images on the social network. They got attention after being uploaded to an album on photo-sharing service Imgur.
At some point someone even posted a small collection of the social network founder's private photos to image-sharing service Imgur with a caption proclaiming that "it's time to fix those security flaws Facebook." (Those once hidden images have now been viewed nearly half a million times.)
Imgur
Private photos belonging to Facebook founder and CEO Mark Zuckerberg were revealed as a result of a recent glitch in the system used to report inappropriate images on the social network. They got attention after being uploaded to photo-sharing service Imgur.
The method used to acquire those — and other private photos — was pretty simple, as explained by BodyBuilding.com forum member ThePoz:
All someone needed to do is pick a target, click the "report/block" button on his or her profile and then select "inappropriate profile photo" when asked why the profile is being reported.
On the next prompt, the snooping user would have to claim that the image is inappropriate because it contains "nudity or pornography." After that, he or she would check a box to "report [the image] to Facebook."
The final step is to helpfully offer to "help [Facebook] take action by selecting additional photos to include with [the] report." And tada! Suddenly a selection of the reported users photos appears — including the ones which are private.
We reached out to Facebook for an explanation of what happened when we first heard about this privacy glitch. The company replied as it issued a fix:
Earlier today, we discovered a bug in one of our reporting flows that allows people to report multiple instances of inappropriate content simultaneously. The bug allowed anyone to view a limited number of another user's most recently uploaded photos irrespective of the privacy settings for these photos. This was the result of one of our recent code pushes and was live for a limited period of time. Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed.
The privacy of our user's data is a top priority for us, and we invest significant resources in protecting our site and the people who use it. We hire the most qualified and highly-skilled engineers and security professionals at Facebook, and with the recent launch of our Security Bug Bounty Program (http://www.facebook.com/whitehat/), we continue to work with the industry to identify and resolve legitimate threats to help us keep the site safe and secure for everyone.
Long story short? Your private Facebook photos are private once again — or as private as anything uploaded to the Internet could be.
Related stories:
- Facedrink: Caffeine with a 'taste of friendship'
- Facebook: 6 degrees of separation? More like 4
- Woman fights to put Effin on Facebook
Want more tech news, silly puns, or amusing links? You'll get plenty of all three if you keep up with Rosa Golijan, the writer of this post, by following her on Twitter, subscribing to her Facebook posts, or circling her on Google+.
Leave a Comment:
Wow that's interesting. Except, not. Now maybe if the woman were naked...
Woman is not the same as WOMEN you moron.
If he was referring to zuckerberg's girlfriend, "if the woman were naked" uses a perfectly grammatical past subjective form of "be".
Here's a grammar lesson you moron: http://www.englishclub.com/grammar/verbs-subjunctive.htm
PROTIP: Do not upload pictures to the internet that you do not want the WHOLE WORLD TO SEE! The internet is not private.
Agreed completely. You may as well just assume if it's on the internet, everyone is going to see it, so don't be stupid about uploading pictures that you REALLY want to be private.
Keep in mind, once it's out there, it cannot be deleted.
Technically it can...it would just require a LOT of effort. =P
Once the search engine caches get ahold of it, it's pretty much impossible without legal remedies :/
It's not a matter of privacy as much as it displays the fact that Facebook does not have a mature or very experienced engineering team.
I feel like that's more of a novice tip, i cant believe anyone younger than 70 or younger than 10 would put anything they dont want people to see forever on the internet, they should know by now.
“They 'trust me'. Dumb @!$%#s.”
- Mark Zuckerberg, Facebook
In the spirit of The Simpson's Nelson character:
To Mark Zuckerbutt,
Ha Ha!
No one is untouchable these days.
How ironic (and APPROPRIATE!) that Zuck got outed!
Couldn't of happened to a better person! Now he knows how is users felt when they made security changes that exposed all of their private information!
(MarkZ...phonecall) Oh Really? They hacked MY private photos? Crap...I thought I was smarter than to post that stuff up there...Well, there goes the neighborhood."
Boorrriing... At least these were clean photos. I am not all that into criticizing a 220 IQ kid that built an empire from people's personally shared information, but they (FB IT) should address changes in a more mature manner (and TELL us what they are changing on the interfaces _before— they do it). Sorry they had a glitch, but I was not affected (I am pretty 'John Q Public' so noone would care if my images were posted all over the web).
That's ironic I just had to log in to my facebook account to make this post. :) Every website is going to have bugs and vulnerabilities. It is no different for the largest social network. They are still governed by the same laws of Internet security. New exploits happen weekly. Internet security will always be one step behind those that reverse engineer it. As long as it is accessible via a public network there is a chance that someone will be able to access information that wasn't meant for them.
Truer words were never spoken!
When will they ever learn?
Your data privacy is very important to us, except when we sell it to attain massive amounts of money.
More true words.
Today Show: If you clearly know these are his private photos, that were accessed by a mistake or glitch, why do you think it your right to violate that intended privacy exponentially and show the photos to millions more people?
ANSWER: Ethics NULL
Because someone else did it first. That's the justification in all media reporting, don't you know that?
What I know is any person or entity with ethics, morals, standards, or simply common courtesy and care wouldn't have done it. But yes, they do it all the time.
Oh, who cares? The pics are of some goofball wearing an apron and making sushi. That's hardly tantalizing material there.
He probably does (since he had them marked as private), and probably some of the other people in the photos weren't planning on this. Agreed, nothing tantalizing here. But many in the public, apparently not including you, would feel violated if their personal photos were acquired by mistake and shown to millions without their permission. I comes down to ethics and courtesy. Who cares???
Greg Beard writes:
"What I know is any person or entity with ethics, morals, standards, or simply common courtesy and care wouldn't have done it." I can agree with that statement.
Unfortunately there are also those who are greedy and have no or very limited morals. Zuckerberg comes to mind since he is getting filthy rich selling the info he has free access to on FB.
What an idiot. If you don't want the whole world to see your private stock of photos then don't put them on Facebook or anywhere on the Internet for that matter. He's definitely as dumb as I though he was.
I refuse to believe this was an accident. It might have been a Facebook ploy to show that "even Mark's picture's can get hacked." Looks like the pictures were all selected for release. It makes a good story but I'm not buying it.
When will people understand. If you post something on the internet it is not private. Anything can be hacked. This is good for Mark so that he can see that his own site has issues.
Stay off of Facebook and Twitter. I cannot understand what is the fascination with Facebook and Twitter. Get a life, people.
Totally agree. Such dribble.
Facebook I can understand, it helps keep in contact with friends / family.
Twitter I do not, who the hell cares if you ate a taco for lunch?
This film is set to release next year and is based on exactly these same Glitch based issues.
It was just posted a few days ago and seems to be very interesting... and creepy...
Search: "(AmI) Live" on Facebook