Bodybuilders expose Facebook's Zuckerburg to the world
Members of a bodybuilding forum find a flaw in Facebook, leading to Zuckerburg's private pictures being exposed.
A number of Mark Zuckerburg's private Facebook photos have been posted online after a flaw in the site was uncovered by users of a bodybuilding message forum.
Users were able to see private photos by exploiting a weakness in Facebook's reporting functions. Prior to Facebook addressing the issue, users could highlight a photo as inappropriate and then choose to include and view additional photos in the report, some of which could have been private.
Facebook needs to stop making mistakes when it comes to its members' privacy.
It took personal images of Zuckerburg, showing snippets from his personal life including an image of the social network's chief holding a dead chicken, for Facebook to fix the issue.
"In many ways it's good that Zuckerberg's account was targeted - if it such a high profile figure hadn't fallen victim, the flaw might have continued to have been exploited for much longer opening up opportunities for stalkers and others to view private photos," said Sophos chief technology consultant Graham Cluley, in a blog post.
"Facebook's programmers are experimenting with new features and are testing them out on the live site without, in this case at least, the code being properly reviewed with privacy in mind."
Facebook said the flaw was only live for a limited period of time and it was working on a permanent fix for the bug.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"Facebook needs to stop making mistakes when it comes to its members' privacy. Once users' trust is broken, it will be very hard to restore," Cluley added.
This is not the first time Facebook has found itself under the spotlight over photo privacy. In January, IT Pro found that by simply right clicking and selecting copy image location' on a photo, whether private or not, friends who had seen the picture could then paste the image URL to share it with unauthorised users, even those not on Facebook.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.