Facebook security hole allows anyone to view private New Year’s Midnight Delivery messages and photos

hamburger story

Facebook recently launched Midnight Deliveries, a special feature that allows users to send messages that will be delivered as the clock strikes midnight on New Year’s Eve. In a surprising security slip-up, first detailed in a blog post by IT student Jack Jenkins, the company has made the URLs for these messages public. The Verge has confirmed that the flaw allows those logged into Facebook to view other people’s messages and photos, and even delete them. By simply changing the digits in a string of numbers at the end of message URLs, Facebook users can gain access to other people’s communications — though users are unable to target specific individuals by exploiting the security flaw.

While many of these New Year’s greetings may not…

Continue reading…

The Verge – All Posts

Leave a Comment