Facebook privacy flaw exposes Mark Zuckerberg private photos
The Hacker News

A flaw in Facebook has granted prying users access to supposedly private photographs, including those of the website's chief executive, Mark Zuckerberg. In total 14 pictures of Mr Zuckerberg were posted to image site Imgur under the headline: "It's time to fix those security flaws Facebook".The bug in the website's photo reporting tool - which Facebook says was only temporary and has now been fixed - meant that users could access others' pictures even if they were private.
The Hacker News
The flaw was first reported on the forums of BodyBuilding.com, presumably because the users of that website like taking photos of themselves and putting them online. The bug exploits the way the offensive photograph reporting tool works. Facebook has been heavily criticised in the last few years for matters of privacy and so there are people who will leap on this story as yet another example of how the company simply doesn't take its users privacy seriously. Such problems have included a change to the terms and conditions that made all your photographs and statuses Facebook's property and a settings change that made everything on everybody's profile accessible to search engines by default.
The Hacker News
The exploit has since been patched, and Facebook has officially responded:
"Earlier today, we discovered a bug in one of our reporting flows that allows people to report multiple instances of inappropriate content simultaneously. The bug allowed anyone to view a limited number of another user's most recently uploaded photos irrespective of the privacy settings for these photos. This was the result of one of our recent code pushes and was live for a limited period of time."
The Hacker News
In a blog post, Mr Zuckerberg said that "even if our record on privacy were perfect, I think many people would still rightfully question how their information was protected".

"It's important for people to think about this, and not one day goes by when I don't think about what it means for us to be the stewards of this community and their trust," he added. Facebook was forced to agree to external inspections of its privacy systems and agree to fines of $16,000 per day for new violations. Mr Zuckerberg also pledged to protect users' information "better than any other company in the world".

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.