Facebook has disabled a New Year messaging feature after a student uncovered a flaw which let him read strangers' private messages.
The New Year's Midnight Delivery feature was set up on Facebook Stories so users could write messages to friends which would automatically be sent after midnight.
But Aberystwyth University student Jack Jenkins discovered that by tweaking the Url after sending a message, he could read and even delete other users' messages.
He blogged about the error, writing: "I just wanted to share this. I don't know how a site like Facebook can continue to take these kinds of risks.
"PLEASE Don't go deleting random messages, but try and delete one of mine that I set up especially if you want."
Facebook promptly disabled the feature upon discovering the issue.
A spokesman confirmed the site was back up and running again, having been taken offline while staff dealt with the issue.
Facebook Stories is a separate site from the main Facebook site, and does not affect messaging on Facebook itself.
The error comes after a picture posted by Facebook founder Mark Zuckerberg's sister Randi led to her claiming her privacy had been breached.
A marketing director tweeted the private family photograph that Ms Zuckerberg had shared on her personal Facebook page.
- Related Stories
- Online Privacy Rules For US Kids Get Revision
- Instagram Denies Plans To Sell Users' Pics
No comments:
Post a Comment