After receiving flak over the security flaw in its ‘Midnight Delivery’ service, Facebook has finally fixed the bug. Earlier in the week, it had launched the feature that allowed users to schedule private message for their contacts, to be delivered at the stroke of midnight to ring in the New Year.

But thanks to Britain based blogger Jack Jenkins, many users were saved from a privacy gaffe as he discovered that with simple manipulation of the ‘FacebookStories’ URL, the supposedly private messages could be viewed by anyone on the web. Jenkins outlined in his blog just how simple it was to get access to private messages and not surprisingly, his discovery caused quite a furore. Courtesy the flaw, anyone could not only view messages along with pictures, but could even delete them if they wanted to. But what was a saving grace was the fact that it was impossible to get access to the messages sent by a specific user.

Gets 'biz'y

Yet another controversy

Following the outbursts, Facebook apparently took down the service temporarily and fixed the flaw. Jenkins, who has been following the development, reported on his blog, “I have just checked, the bug/oversight has now been fixed.” Jenkins said in his blog post yesterday at 1435 GMT (roughly around 8.00 PM IST).

With people taking to Facebook to wish their near and dear ones, a feature like this would have been much appreciated. After all, you could send private messages to your contacts and rest assured that they would be delivered. But the security flaw was sure to keep people at bay.

Over the last year, Facebook made numerous changes to privacy settings and many raised serious concerns about the same. While Facebook said it attempted to make the settings more transparent, allowing users to have more control of their account, not many are convinced. 

And befittingly so, Facebook founder Mark Zuckerberg, as they say, got a taste of his own medicine when his sister Randi was infuriated when a private picture posted on Facebook went viral on the micro-blogging site Twitter. What transpired was that Randi had posted a picture on Facebook with the Zuckerberg family gathered around the kitchen island, with each of them holding the phone and animated expressions. The caption described that the family members had downloaded the ‘Poke’ application after being urged by Mark Zuckerberg, and the photos depicted their reactions to it.

While Randi had uploaded the picture to her Facebook account and tagged those present, the picture, thanks to the Facebook privacy policy, was also visible to friends of those tagged. That’s how the person who uploaded the picture on Twitter got access to it. Randi expressed her displeasure and lamented about the lack of etiquette, but quite surprisingly remained mum on Facebook’s privacy policy. Needless to say, the incident created quite a stir, with people lampooning both Facebook’s policies and Randi’s reaction to the issue. 

Tags: , , , , , , , , ,