Bug hunter Laxman Muthiyah has reported a Facebook vulnerability that exposes private photos to potentially malicious applications. The hacker received US$10,000 from Menlo Park for reporting the bug in Facebook Photo Sync and an API that allows third party apps to siphon private pics. Muthiyah says iOS and Android apps that …

  1. deadlockvictim

    "private" photos

    I suppose that Facebook would be concerned, after all they own the photos.

    1. Karl Austin

      Re: "private" photos

      No they don't, the taker still owns them. They just grant facebook a right to use them as they see fit, forever more.

  2. Anonymous Coward
    Anonymous Coward

    Facebook and Security?

    I thin someone should actually investigate FB and their security.

    Unlike Banks and other Financial / Medical institutions, there are no regulatory concerns as to how they must protect your information, assuming you're foolish enough to put stuff up on FB and share your personal life with them...

    Said Anon for a very good reason.

    1. Anonymous Coward
      Anonymous Coward

      Re: Facebook and Security?

      While that someone is investigating FB, they could do something about the many known violations of regulatory requirements, laws and promises to be ethical from financial institutions, medical institutions, global industries, land developers, and those other someones previously tasked with investigating such groups.

  3. Tom 13

    Wait, I thought FB didn't allow you to post saucy pics.

    Surely you understand that if your pics are on FB, world + dog already have access to them regardless of where you think you set the security.

    So what was being nabbed?

  4. Anonymous Coward
    Anonymous Coward

    Where can I find the whitelist mentioned in the article?

