‘Report abuse’ features in Facebook give users access to personal, private and hidden photos, which would normally be hidden from view.
The flaw was spotted by members of a body building forum, no less. In a nutshell, the flaw allows Facebook users to access photos revealed by the report abuse tool.
Only a handful of images are presented to the user as part of the ‘report’ feature, which is used by Facebook to maintain decency and remove harmful images, posts or content.
8:00 pm on Dec 6, 2011 (gmt 0)
I'd say ROFL if it weren't frightening. I can't bring myself to quote or paraphrase from the article more on the nature of the flaw, not until I know they've fixed it.
FB's implementation is such an unbelievably stupid approach for getting user feedback that it boggles the mind. You'd think by now they would have a handle on the basics of designing access rights into a social network. Those new CPOs (Chief Privacy Officers) are going to have a lot on their plates.