Computerworld
Quick Menu
Search



Ads by TechWords

See your link here


Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Networking
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 

Computerworld 2007Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

Update: Facebook fixes security lapse that exposed photos

Researcher and reporter accessed restricted photos of Paris Hilton, Facebook CEO

By Heather Havenstein
Comments
1
Recommended
125



March 26, 2008 (Computerworld) Even after last week's unveiling of privacy upgrades, a security lapse on the Facebook Inc. social network early this week still exposed restricted photos to anyone using the site, according to an Associated Press report later confirmed by the company to Computerworld.

A spokeswoman said that after learning of the problem, Facebook engineers on Monday "tested the scenario, found that it was a bug and fixed it immediately." In a statement, the company added that "We take security very seriously."  

The AP verified the security lapse earlier Monday after receiving a tip from Byron Ng, a Canadian computer technician who claimed to discover the lapse. Ng said he began looking for security weaknesses at the popular social network after last week's announcement that Facebook had developed new ways for members to limit access to content in their personal profiles.

Ng was able to find private pictures of Paris Hilton, and he sent the AP a template that allowed the company to access private photos of Facebook co-founder and CEO Mark Zuckerburg.

Marshall Kirkpatrick, a blogger at ReadWriteWeb, wrote that his readers had found evidence that the photos were exposed to unauthorized users for months via a simple URL edit.

"[The lapse] appears to have been simply a technical inadequacy," Kirkpatrick wrote. "It's tempting to say that breaches like this are an obstacle to ongoing user adoption of online services. At the same time, how often are credit card numbers exposed? The convenience of online shopping mitigates the impact of those stories. The same may or may not be true with online social networking."

Nick O'Neill, a blogger at AllFacebook, said that as Facebook grows, the company will be forced to upgrade privacy protections during each level of development.

"Then again, should Facebook hold the same standards for their photos team as they do for their credit card processing?" O'Neill added. "I would imagine that it ends up being a cost-benefit analysis which determines how much protection goes into each product."



Make a Comment Recommend Story Slashdot this Digg this
Print Story Send Feedback Email this Reprints

Related Content

Webcast: Simplifying the Data Center Network
Whitepaper: The 2008 ERP in Manufacturing Benchmark Report Summary

CW Report: An Apple for Your Enterprise?
Web of the Living Dead
Elgan: Why you can't trust 'friends' on Facebook
Facebook wins $873M judgment in spam suit
Facebook Etiquette: Five Dos and Don'ts
Facebook app verification fee draws criticism

Today's Top Stories

Clues point to Jan. 13 release of Windows 7 beta
Microsoft releases Vista SP2 beta
Obama's DHS pick may find support for raising H-1B cap at confirmation hearing
IBM wants info from Apple execs in Papermaster case
License server glitch exposes SonicWall users to e-mail security threats
Report: Former AOL chief exec tries to raise funds to buy Yahoo

What People Are Saying

See comments | Add new
See comments | Add new

Resource Alerts

to receive Web 2.0 Resource Alerts

Webcasts

Real-time collaboration and development with IBM® Rational® Team Concert streamlines any project

Web Threats Don't Discriminate

Simplifying the Data Center Network

Whitepapers

Web 2.0 The New Face of the Web

Designed to Manage Lean Principles

The 2008 ERP in Manufacturing Benchmark Report Summary

Computerworld Reports

Compterworld Technology Briefing: Intelligent Users Use Business Intelligence

Computerworld Report- Large Enterprises Pay More for IPAM

An Apple for Your Enterprise?

Editor's Picks

Clues point to Jan. 13 release of Windows 7 beta

Microsoft releases Vista SP2 beta

Obama's DHS pick may find support for raising H-1B cap at confirmation hearing

IBM wants info from Apple execs in Papermaster case

License server glitch exposes SonicWall users to e-mail security threats

Report: Former AOL chief exec tries to raise funds to buy Yahoo

TODAY'S TOP BLOG
Patrick Thibodeau:
Satellite images of U.S military bases Which is more important? Helping terrorists or protecting military bases? Answer: protecting Web 2.0 ... [more]
Your Say
Chrome a Windows killer?
Anonymous wrote: Having to be connected to use apps that are not inherently dependent upon being connected is a liability...
[read the story | have your say]
Hot topics now:
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
The 2008 ERP in Manufacturing Benchmark Report Summary
IronPort Web Reputation Filters Tech Note
Designed to Manage Lean Principles
View more whitepapers 
 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDG Connect IDG World Expo Infoworld
The Industry Standard ITworld JavaWorld LinuxWorld MacUser Macworld Network World PC World Playlist
Copyright © 2008 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.