The Hacker News Logo
Subscribe to Newsletter

Instagram Patches flaw that Makes Private Photos Visible

Instagram Patches flaw that Makes Private Photos Visible
Your Instagram is not as Private as You Think. Millions of private Instagram photos may have been exposed publicly on the web until the company patched a privacy hole this weekend.

Instagram team was unaware of a security vulnerability from long time which allowed anyone with access to an image’s URL to view the photo, even those shared by users whose accounts are set to “private.”

In other words, If a private user shares an Instagram post with another service, such as Twitter or Facebook as part of the upload process, that shared photo will remain viewable to the public despite its privacy settings.

The flaw was first reported by David Yanofsky at Quartz and Instagram acknowledged the issue last week before patching the flaw. In a statement to Quartz, an Instagram representative said:
'If you choose to share a specific piece of content from your account publicly, that link remains public but the account itself is still private,'
The Instagram vulnerability was only exploitable on the web, not in Instagram’s iOS and Android apps.

'In response to feedback, we made an update so that if people change their profile from public to private, web links that are not shared on other services are only viewable to their followers on Instagram.'

Even with the loophole closed, anyone can still able to share your images online without your permission by viewing the page source, or by taking a screenshot.

Though the such privacy flaw or any other potential controversy could have an impact on parent company Facebook.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.