March 25, 2008 -- (WEB HOST INDUSTRY REVIEW) -- A security hole discovered on Monday in popular social networking site Facebook (facebook.com) made it possible for strangers to look through users' personal photo albums, despite unveiling new settings last week to give members more ways to restrict access to their personal profiles.
Byron Ng, a computer technician from Vancouver, Canada, brought the issue to light when he began looking for security weaknesses in the site after last week's privacy upgrade announcement.
Despite Facebook's attempt to boost security measures for its users, Ng says he was able to pull up the most recent pictures posted by Facebook members and their friends, even if the privacy settings were set to restrict the audience to a select few.
According to reports by The Register, Ng was able to do this by guessing the ID of a photo. Facebook apparently didn't check for user permissions and even gave hints about what the ID of recent photos might be, so through this method, Ng was able to find private pictures of Paris Hilton at the Emmy awards as well as ones of her brother consuming alcohol with friends.
By Monday afternoon, Facebook spokesperson Brandee Barker says the company fixed the bug within an hour and would continue to make enhancements to the site "because [Facebook] takes privacy very seriously."
Despite promises to keep information private and secure, this isn't the first time a social networking site has accidentally let personal information leak to the public. In June 2007, The Register reported that Facebook was leaking sensitive details like users' political views and religious backgrounds.
And earlier this year, MySpace (myspace.com) suffered a security breach that exposed its members' private photos.
