Facebook fixes flaw that revealed private photos

7 Dec 2011

A flaw in Facebook has been fixed, which lets people access private photos on other people’s profiles by using the image reporting tool.

ZDNet reports that the bug was found by members of a body building forum. The bug allows users to see photos that were made private by reporting a profile photo which is always public.

When users report inappropriate profiles photos, they are then asked why they believe they are inappropriate.

By ticking the “nudity or pornography” box, the site lets users “take action by selecting additional photos” for their report. Users are then able to select extra photos which have been normally kept private from them.

Some private photos from Facebook co-founder and CEO Mark Zuckerberg’s profile were found using this method, which include photos of Zuckerberg posing with his girlfriend, photos of Zuckerberg eating sushi and pictures of when he met US President Barack Obama.

Facebook has since fixed the flaw, saying it was down to a glitch and that only a few users were affected. It said the bug was only live for a limited period of time.

Facebook has dealt with numerous privacy issues in the past and has since tried to become more open about how users can control their data on Facebook.

The FTC recently announced an agreement with Facebook to outline how they should approach privacy in the US and the rest of the world. It follows privacy policy changes Facebook made in December 2009, where personal details of users’ profiles were made public by default.

In regards to this image reporting flaw, Facebook said it dealt with the issue as soon as it discovered it and said the integrity of user data was its priority.