back to article Undead deleted photos linger on social networking websites

That embarrassing party shot of you and that hot dog may still come back to haunt you - photos posted on social networking websites can often be easily viewed even after users attempt to delete them, according to a study by security researchers at the University of Cambridge. Researchers posted photos on 16 social networking …

COMMENTS

This topic is closed for new posts.
  1. SuperTim

    Spokesman BS?

    "A Facebook spokesman told the BBC: "URLs to photographs may continue to exist on the Content Delivery Network (CDN) after users delete them from Facebook, until they are overwritten. Overwriting usually happens after a short period of time.""

    I guess this is one of those times where you can say "With respect, that's bollocks!"

    also, what does "short period of time" mean? The grand canyon was carved in a short period of time.....5 million years!

  2. Winkypop Silver badge
    Pirate

    Beware

    The undead pics from the vaults of the underweb!

  3. Anonymous Coward
    Anonymous Coward

    There's a lot of interesting stuff in Google's cache as well

    which often provides an easy in to locating this sort of material (primarily tasteful semi-nude self portraits captured via the delightful medium of a bathroom mirror).

    Simple rule of thumb: don't put your shit on the Internet and maintain anonymity.

  4. Solomon Grundy

    Figures.

    Web 2.0 sucks.

  5. Mike Crawshaw
    Alert

    You... you mean...

    that if I post stuff on t'interwebtubess, it might escape my control?? No, surely not, that's just implausible....!

  6. Anonymous Coward
    Boffin

    @SuperTim

    Even if one takes what the Facebook spokesman told the BBC at face value, he's still admitting Facebook taking a sloppy approach to user privacy. It's pretty trivial for the "delete" process to do a standard 1-pass random wipe of the image file.

  7. Peter H. Coffin

    Remember those TOS change protests?

    The ones about "Facebook is trying to own users' lovingly-crafted content!"? This is why those TOS changes to those sites were made in the first place: the sites know that there's no way with the current processes to ensure that photos and anicillary user content can be caascaded reliably through not jsut databases but also large numbers of content caching servers, some of which aren't even under the website's control.

  8. Anonymous Coward
    Anonymous Coward

    Notification service

    Shows how little these Web 2.0 wonks know. A decent system will have a notification service that allows different parts to subscribe to messages about the creation, updating and deletion of various things. In this case, the social networking site's account servers should publish a deletion event for the user's photos. The CDN servers (fancy, Web 2.0 name for static servers) would respond to the message by deleting the photos. This should take as long as it takes the message to propagate through the network.

    It's all part of a decent event based system, and there's a load of software out there to accomplish this from big commercial packages like MQ Series to open source ones like OpenAMQ. The trouble is, most web application developers I encounter know bugger all about architecting a decent system.

  9. Vision Aforethought
    Flame

    Lord Of The Flies

    People, not wanting to sound old and crusty, but if you just study the history of Facebook and do some (deep) research, you will clearly discover that this is not a company founded on good will, but like an oil company, it will do anything to make money. (It's very origins are dubious.) Just as Google got burned with their Street View feature, these companies are run by people who while very savvy, are too young to be aware of their station. Meaning, they don't know the difference between right and wrong. Microsoft, for all their flaws, are run by wiser people who probably shudder at the blatent missuse of public trust by their younger competitors or partners. (Microsoft's service was proven to be the most reliable at deleting files.)

    The decade of appalling (and embarassing) voyouristic celeb culure, 'reality' TV and worse has sadly created a generation of self serving people (and politicians, in particular here in the UK) who should not be in any position of power.

  10. Dave
    Unhappy

    Iran-Contra

    Wasn't the issue of deleted, but not really deleted, files one of the things which caused considerable consternation during the Iran-Contra affair over 20 years ago? Will humanity never learn?

    Dave

  11. bell
    Thumb Down

    No Michael, it is actually that easy

    Consider yourself reported to the analogy police.

    Any file system since the year dot has removed or marked as unavailable the link between the filename and the bucket of bits it represents. No matter how careful you are to record the filename it won't do you a bit of good. Even before the bits have been replaced.

    Facebook are apparently failing to perform even this basic step, which would be enough really. I also fail to see how it would be infeasible for them if it is feasible for other Web 2.0 soilpipes like Flickr. Possibly beyond them, but not infeasible.

  12. Anonymous Coward
    Anonymous Coward

    @Michael

    "This is pretty much the way every disk drive based operating system has "not actually" deleted files"

    Bad analogy. If I delete a file and then ask for a listing, the file isn't there even if the bits that made up the file are still physically there on the disk and I can't just open it up by passing the filename as an argument to my text editor. What Facebook and co are doing in effect is performing the delete from the directory, but allowing me to still open the file in my editor. Not good OS design or web app design.

  13. Christopher Ahrens

    @Michael

    "If you have the opportunity to keep a "careful record of the URL associated with the photos" you may as well keep the photos.

    As anyone who has viewed the photos might."

    Actually it is easily accomplished when just right-clicking -> Copy Image Location

    Most Web pages do this to point directly to images.

    You should never expect anything that is put on the internet to remain anonymous for long, or that it will go away after time. This is why I have never set up a 'Blog' or a social networking account, and never will.

  14. Lord of Dogtown
    Heart

    PHD?

    Some arse is doing a PHD in social networking sites, thats akin to a PHD in brothels.

    McDonalds for him

  15. sam bo
    Happy

    @Christopher Ahrens

    "You should never expect anything that is put on the internet to remain anonymous for long, or that it will go away after time. This is why I have never set up a 'Blog' or a social networking account, and never will."

    The same could be said for posting under your own name in "comments" - then again maybe Christopher Ahrens is a pseudonym

  16. Anonymous Coward
    Alert

    What the...?

    How do *you* know about the hot dog pic?

  17. Anonymous Coward
    Pirate

    @ Vision Aforethought

    'The decade of appalling (and embarassing) voyouristic celeb culure, 'reality' TV and worse has sadly created a generation of self serving people (and politicians, in particular here in the UK) who should not be in any position of power.'

    Excellent! do you want to form a political party?

    @ Michael

    Your 14 aren't you?

  18. Anonymous Coward
    Anonymous Coward

    Re: Not really easy

    @ Michael:

    " This is pretty much the way every disk drive based operating system has "not actually" deleted files since day 1... "

    No it's not. When you delete a file, someone who only has the filename (eg /home/aorlowski/photos/dragnight.jpeg) can't see in any more, but this is exactly what Facebook lets you do. "Delete" means "deLIST" and it's still on the master file list. THAT's the problem.

    We're not talking about memorising URLs -- what if someone links to the photo from their blog? The average user would expect that link to stop working when they delete the photo. They should get what they expect.

  19. tiggertaebo

    Posting something on the Internet means you lose control of it

    in other news: snow is cold, night is dark, water is wet

  20. John
    Flame

    @Michael...

    Proof of the adage that an infinte number of monkeys banging on a typewriter will one day output Shakespeare...

    Your the monkey sadly that one the face of it is banging out something intelligent and coherent... Wait... I lied..

    Your orginal post about the way disks store images and the way the links worked in the story is complete and utter twaddle, I'm downright surprised that you poke your head back in to the same set of comments with yet another poorly conceived set of ideas..

    Well, opinions and arseholes and all that.

  21. Peter File

    same must happen with e-mails

    I'm pretty sure msn, yahoo and other e-mail providers must keep all our deleted e-mails. Like tigger said, post something on the Internet, you no longer have control.

This topic is closed for new posts.

Other stories you might like