Facebook Says A Bug May Have Exposed The Unposted Photos Of Millions Of Users (buzzfeednews.com)
A day after hosting a pop-up store in New York City's Bryant Park to explain how privacy is the "foundation of the company," Facebook disclosed that a security flaw potentially exposed the public and private photos of as many as 6.8 million users to developers. From a report: On Friday, the Menlo Park, California-based company said in a blog post that it discovered a bug in late September that gave third-party developers the ability to access users' photos, including those that had been uploaded to Facebook's servers but not publicly shared on any of its services. The security flaw, which exposed photos for 12 days between Sept. 13 and Sept. 25, affected up to 1,500 apps from 876 developers, according to Facebook.
"We're sorry this happened," Facebook said in the post. "Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users." Facebook has not yet responded to questions about whether company representatives staffing its privacy pop-ups yesterday were aware of this security flaw as they were meeting with reporters and customers to discuss privacy. Further reading: Facebook's lead EU regulator opens probe into data breach.
If you don't want it on the internet... (Score:5, Insightful)
Don't post it to the internet!
Re: (Score:2)
Agreed. Many of life's problems go away if you are not an idiot.
Re: (Score:1)
To further compound the problem, at least half of the world's population is idiots (yes, I'm being generous).
It wasn't even posted though... (Score:4, Interesting)
The thing is, these were images that were not technically posted.
It's interesting because Flickr has a feature that makes me wonder, where you can keep your whole camera roll uploaded - it's not made public, just stored.
Given this Facebook breach, keeping private photos like that on Flickr seems like it may be a bad idea as well... if you have anything you would mind being leaked anyway.
I wonder at what point private photo leaks will significantly start impacting politics (maybe they are already).
Re: (Score:3)
Don't post it to the internet!
Let's not lose sight of the fact that it's not "the internet" that completely screwed the pooch here, it is *specifically* Facebook, and their long history of leaks, "oopses", non-apologies, etc is going to go on because their whole business model is premised on gathering and selling private data, and they have even less decency than most.
My version of this advice would be "Choose a much better partner than Facebook in your quest for control over your data."
Accidentally on Purpose (Score:2)
Is it just me as the perennial skeptic, or does it almost seem like Facebook has a leak or a revelation about something way too often for it to be accidental? It's almost like they're "accidentally on purpose" doing things so that they stay in the news and people don't forget about them.
No news is bad news, right? Let's leak some photos so we can patch the bug next week and stay in the news. They wouldn't do that, right? Or would they?
Re: (Score:3)
Journalists should follow the money, for people looking to sell fb short, or waiting for it to drop as a buying opportunity.
I first realized this when, the same week Taser went public, suddenly there was a big story about tasers killing people.
Re: (Score:2)
This is a worse story than Facebook is trying to make it look. Those private photos could be exceedingly private, as in personally pornographic in nature. There are laws against publishing explicit personal photos of individuals; Facebook has factually broken those laws and should face full criminal penalties.
Remember when all of a sudden a series of web sites banned porn not long back, guess why the panic. Well at what age do females start to feel the urge for expensive clothing, makeup, jewellery and of cou
Another NSA-serving "bug".. (Score:1)
Oh darn. Oopsie!! Such accidental!
It's always a bug now (Score:1)
I'm sure it was just a bug, Facebook. They're all bugs, aren't they? So glad I decided to part ways with Facebook, probably should have never signed up to begin with.
I just bought Blackmail stock (Score:2)
I'll be so rich.
Re: (Score:2)
I tried to, but I ended up with BLCM and it was a total dud.
Reminds me of the time my friend recommended Cysco to her grandma, and she bought Sysco instead.
Except, Sysco was a good buy.
Re: (Score:2)
This shows that even if you thought about posting something to the cloud, but decided to click "cancel" instead, it might already be too late!
Even just thinking about posting something to Facebook is enough for it to leak out into public. Yikes.
Proper etiquette (Score:2)
You know, it's proper etiquette to provide a torrent link for stories like these. j/k
I'm almost becoming inured to these data leak stories. I use Facebook, but I would never post photos that I would care about being made public... that's why I put them up there. If anyone is interested in looking at some big, doughy white guy, and the food he cooks, more power to them. I figured out 25+ years ago that I simply wouldn't post anything online that I wouldn't want to see on the front page of something lik
Amateur Web Site at Best (Score:1)
Facebook increasingly resembles some amateur web site (filled w home pages) run by beginners who overstate their technical skills
Re: (Score:3)
A little secret for you, the bulk of IT is run by beginners who not only overstate their technical skills, they also personally overvalue their technical skills. In short, they don't really understand how poor their skills are.
Now consider that as a basic starting point for a developed platform, then factor it in with the software running on that platform, for the higher-level protocols that let that software communicate, and for the staff that maintain the systems, and one can see why breaches are so damn
Re: (Score:2)
It is what Geocities would have been if they implemented chat.
Re: (Score:2)
The entire purpose of Facebook is to collect and sell your data, and nothing Zuckerberg has ever done supports the conclusion that privacy is the 'foundation' of Facebook.
Not quite nothing. The advantage it gave over MySpace that let it overwhelm it was that you could limit views to your friends.
Common file sharing hack is this (Score:2)
People share log-ins and save things as draft for the party to read. Some under the impression it is really private. I was shocked to see some General commanding our troops in Afghanistan using it to share notes with some lady he was having an affair with. Talk about blackmail vulnerability!
So impact of this bug is going to be quite big.
So they ask for your nudes..... and then... (Score:3)
So they want us to upload nude photos to stop revenge porn, then they allow access to all these other photos. Ho boy.
"privacy is the foundation of the company" (Score:2)
The more we learn about Facebook... (Score:2)
The Antonym (Score:1)
RE: privacy is the "foundation of the company"
Are they so accustomed to lying that they can keep a straight face now when they say things like this?
Facebook is the antonym of Privacy! They've always been the last to adopt any security practices, and only when forced.
transitivity retainer (Score:2)
Does Facebook's genie-stuffing operation also extend to Facebook partners whose own security melted down while they were in possession of illicit private-image contraband (and their partner's partners, too, et al and sundry)?
If so, they might want to maintain the CDC on a warm and cozy legal retainer (and the CDC might want to base itself in a larger home city—there are some things Atlantis just can't do).
"May Have" (Score:2)
Checking the URL.... (Score:1)
Hmmm... Slashdot. News for Nerds...
Wait. Facebook lacking privacy of users' info?
This isn't NEWS! It's SOP.