A series of private pictures of Facebook founder Mark Zuckerberg have been posted online by "hackers" to highlight a bug in the social network.
In total 14 pictures of Mr Zuckerberg were posted to image site Imgur under the headline: "It's time to fix those security flaws Facebook".
The bug related to tools designed to allow users to report inappropriate images.
Facebook said that it had fixed the glitch.
Privacy"Earlier today, we discovered a bug in one of our reporting flows that allows people to report multiple instances of inappropriate content simultaneously," the firm said in a statement.
"The bug allowed anyone to view a limited number of another user's most recently uploaded photos irrespective of the privacy settings for these photos.
"This was the result of one of our recent code pushes and was live for a limited period of time. Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed," the statement read.
The BBC asked Facebook's permission before publishing the photographs of Mr Zuckerberg. The firm said that as the pictures were now in the public domain it would not be pursuing copyright infringement claims.
LoopholeThe bug was discovered by members of a bodybuilding forum who went on to post step-by-step instructions on how to view private photos.
When users reported a public profile picture of someone as inappropriate, they were invited by Facebook to view more of the person's pictures to look for similar content. The thumbnails shown to them were easy to enlarge and download.
The "hackers" used the loophole to break into Mr Zuckerberg's pages, as the most high profile member of Facebook's 850 million users.
The images of Mr Zuckerberg included shots of him preparing food with his girlfriend, holding a chicken by the leg and meeting US President Barack Obama.
The embarrassing incident comes a week after the Federal Trade Commission slammed changes made to Facebook's privacy settings two years ago. It accused the social network of deceptive practices and demanded it subject itself to regular audits over the next 20 years.
Source: BBC Tech News
No comments:
Post a Comment