Facebook fixes security flaw that could have wiped all photos off the site
With security patches being fixed all over the place, its no surprise that Facebook had its own. The social networking giant recently patched a vulnerability that could have let a hacker in and possibly given him/her the chance to delete every single photo on the site.
As of 2013 Facebook has more than 350 million photos uploaded to the site every day. That figure is obviously a lot higher now along with its user base, which is now is some 1.3 billion people strong. Just imagine the number of photos stored by Facebook and the storage space needed for it, large isn’t it?
According to one Laxman Muthiyah who is a security researcher, a relatively simple bug may have been all it took to delete that entire data bank.
“Any photo album owned by an user or a page or a group could be deleted.” he wrote on his blog
Muthiyah had apparently found the bug after playing around with Facebook’s Graph API, which is a developer platform that allows websites and applications to tap into Facebook’s data.
Usually, the Graph API does’t give a user access to delete another person’s photos or albums, but by tweaking an access token from his mobile device, he was able to force Facebook to think that the album belonged to, giving him full access to the album
The severity of the bug was so that within two hours of being reported, it was fixed and Muthiyah was awarded $12,500 for his efforts. Sophos, the IT security giant speculated in its blog that, given enough resources, Muthiyah could very well have deleted every photo adding that It’s “just a question of horsepower” to which Facebook is yet to give a response.
It also introduces a Legacy contact feature
Speaking of Facebook, they have added a new setting to the site that deals with giving users the option of having their account permanently deleted when they die. Additionally, they can choose to nominate a friend or family member to take control of some aspects of the account after their death.
These features were among the most requested by users who gave feedback on its memorial page policies. Titled Facebook’s “Legacy Contact” feature, it will initially only be available in the US. With the feature came Facebook’s announcement which stated that when a person passes away, their account can become a memorial of their life, friendships and experience.
In addition, If a user chooses to allow someone to manage their page in the event of their death, that person will be able to perform actions such as write a post to display at the top of the memorialised timeline, respond to new friend requests (a tad creepy since you’re adding a person who’s dead), update the profile picture and cover photo etc. Furthermore, people can also opt to give their legacy contact permission to download an archive of the photos, posts and profile information they shared on Facebook.
Other settings will remain the same. The legacy contact will not be able to log in as the person who died or see their private messages.
Facebook has been looking at ways to help families remember loved ones following a series of high-profile cases in which people wanted to access dead relative’s pages such as the case where a father wanted to create a video using Facebook’s Look Back feature, but could not do so as he could not access his son’s profile, to which Facebook replied saying they would create one and promised that they would look again at how to help families in similar circumstances.
There’s a giant heart in the middle of Times Square
Now for some quirky Valentine’s Day news. A sculpture in Times Square is gaining popularity. Why you ask? Well, for one, it’s a giant heart-shaped sculpture in Times Square. Named HeartBeat, the sculpture was the winning design for the Times Square Alliance, which holds a competition each year for a Valentine’s Day heart sculpture.
Elongated and outfitted with reflector lights, drum pads and other percussive instruments, the sculpture invites people to tap along to a low-frequency beat emanating from inside.
Sara Valente and Marcelo Ertorteguy of Stereotank, who designed HeartBeat say “Love is about sharing and being ‘in tune’ with somebody, so it is the creation of music. A concert is a combined action where the performers are also ‘in tune’ creating harmony”
HeartBeat also pulses with a warm light that glows at night. Lori Zimmer from Inhabitat writes explains how the pulsing light echoes the dazzling lights of surrounding billboards making the piece feel like the actual heart of Times Square.
The sculpture will be on display until March 8, so if you’re in the vicinity, you could go have a look. After all, how many giant light emitting low frequency beat emanating hearts are you going to see in your life time?