UPDATED 14:18 EDT / DECEMBER 31 2012

Facebook Privacy Loophole Minor Compared to Other Fails

Facebook’s newest service lets you schedule a private greeting for your friends that will be delivered exactly on midnight, sparing you the choir of deciding on an acceptable timeframe before or after the New Year. The app is fairly straight-forward, but it appears that it launched with a rather inconvenient and undocumented feature.

A blogger by the name of Jack Jenkins discovered a loophole that allowed anyone with the URL to a Midnight Deliver confirmation message view the recipients and the greeting itself, which they could also delete. Facebook quickly pulled the plug on the service after the bug was picked up by The Verge, and has since resolved the issue.

Some more background:

“When a user successfully submits a message to be sent to their friends, he or she will be displayed a confirmation screen that displays a URL: http://www.facebookstories.com/midnightdelivery/confirmation?id=XXXXX. From here, anyone that’s curious can simply change the ID variable at the end of the web address and then view other messages left for people.”

This latest privacy scare is minor in comparison to what Facebook had to deal with   almost continuously for the past few years. Most recently, a change to Instagram’s ToS set off a mini-exodus that the company quickly stopped by reverting the terms. The now removed edit mentioned the use of individuals pictures in ads, a feature that sounds incredibly similar to Facebook’s own Sponsored Stories.

The latter set Facebook back $20 million earlier this month when it settled a class-action suit accusing the social network of using members’ information without their consent. About half that sum was set aside for affected users,  each eligible for a $10 reimbursement.


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU