Computerworld - Even after last week's unveiling of privacy upgrades, a security lapse on the Facebook Inc. social network early this week still exposed restricted photos to anyone using the site, according to an Associated Press report later confirmed by the company to Computerworld.

A spokeswoman said that after learning of the problem, Facebook engineers on Monday "tested the scenario, found that it was a bug and fixed it immediately." In a statement, the company added that "We take security very seriously."

The AP verified the security lapse earlier Monday after receiving a tip from Byron Ng, a Canadian computer technician who claimed to discover the lapse. Ng said he began looking for security weaknesses at the popular social network after last week's announcement that Facebook had developed new ways for members to limit access to content in their personal profiles.

Ng was able to find private pictures of Paris Hilton, and he sent the AP a template that allowed the company to access private photos of Facebook co-founder and CEO Mark Zuckerburg.

Marshall Kirkpatrick, a blogger at ReadWriteWeb, wrote that his readers had found evidence that the photos were exposed to unauthorized users for months via a simple URL edit.

"[The lapse] appears to have been simply a technical inadequacy," Kirkpatrick wrote. "It's tempting to say that breaches like this are an obstacle to ongoing user adoption of online services. At the same time, how often are credit card numbers exposed? The convenience of online shopping mitigates the impact of those stories. The same may or may not be true with online social networking."

Nick O'Neill, a blogger at AllFacebook, said that as Facebook grows, the company will be forced to upgrade privacy protections during each level of development.

"Then again, should Facebook hold the same standards for their photos team as they do for their credit card processing?" O'Neill added. "I would imagine that it ends up being a cost-benefit analysis which determines how much protection goes into each product."

Read more about web 2.0 in Computerworld's Web 2.0 Knowledge Center.

Comment Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

facebook

Additional Resources

WHITE PAPER

EFD vs. HDD - What You Need to Know

Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.

WHITE PAPER

Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009

The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.

WHITE PAPER

Eight Criteria for Server Load Balancing

Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

What People Are Saying

2 comments | Add new

See all comments (2) | Add new

White Papers & Webcasts

Virtualization and Web 2.0
In this era of Web 2.0, Web applications are absolutely mission critical to almost any organization. But these applications are giving IT managers...

Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".

Oracle Accelerate - Not Just Smart but Timely
Download Now!

Data in Action: Making the Planet Smarter
Register Now

Why BI is Ripe - Now! - For Businesses of Any Size
Download Now!

Hosted Security Services: Why it make budget and security sense in today's economy
Watch Now

How Midsize Businesses Are Using ERP To Gain Competitive Advantage in a Tough Economy
Download Now!

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Rapid Implementation: The New Age of ERP
Download Now!

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

All White Papers | All Webcasts

Computerworld Reports

Computerworld Technology Briefing: More than Business Value

Computerworld Briefing: Staffing for Intelligence

8 Questions To Ask About Your Intrusion-Security Solution

All Computerworld Reports

Disaster Recovery & Cost Savings Zone
Thousands of customers world-wide have turned to virtualization solutions from Riverbed as a way to reduce costs.