How many bodybuilders does it take to overpower Facebook security?
“ThePoz” — who just happens to be a “High Warlord” on the bodybuilding.com forums — posted a method revealing a security flaw that allowed someone to post Facebook founder Mark Zuckerberg’s private pics.
Aside from hanging with other rich and powerful people, Zuckerberg’s private life seems as exciting as a Golden Girls TV marathon.
Forum users found the technique interesting, though one poster said the obvious: “Haha, interesting find. I don’t think many girls are retarded enough to upload nudes to Facebook though.”
Yeah, that’s what Twitter is for.
Facebook seems to have fixed the glitch, it didn’t work when I tried reporting my innocent friend for having nude pics. (Sorry Brad!)
A Facebook spokesperson contacted the AJC and said:
“Earlier today, we discovered a bug in one of our reporting flows that allows people to report multiple instances of inappropriate content simultaneously. The bug allowed anyone to view a limited number of another user’s most recently uploaded photos irrespective of the privacy settings for these photos. This was the result of one of our recent code pushes and was live for a limited period of time. Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed.
The privacy of our user’s data is a top priority for us, and we invest significant resources in protecting our site and the people who use it. We hire the most qualified and highly-skilled engineers and security professionals at Facebook, and with the recent launch of our Security Bug Bounty Program (http://www.facebook.com/whitehat/), we continue to work with the industry to identify and resolve legitimate threats to help us keep the site safe and secure for everyone.”
It is ironic, of course, that Zuckerberg’s pics were posted. Facebook has been shredded for having violating the privacy of users since people started using it. Recently, the social networking site agreed to submit to government audits of its privacy practices every other year for the next two decades.
If you want something to remain private, don’t upload it to a website … any website. Keep it locked in the basement like my Uncle Geech does.