I recently blogged about something interesting in Facebook privacy (http://blogs.pcmag.com/securitywatch/2010/01/is_facebook_privacy_a_sham .php - hat tip to F-Secure): If you upload an image and set the permissions to "Only Me" it gives you a publically-accessible URL through which anyone can access the image.
A Facebook employee entered a comment that said that only the user who posted the image gets that URL from them, so therefore it's private. The URL (http://www.facebook.com/photo.php?pid=4722564&l=c56ff5065a&id=675398046 for example) isn't especially obvious, although the last "&id=675398046" is my user id, which is public in Facebook. The URL may not be obvious, but it's on a publically-accessible site so it's at least a little cheesy to call it private. What do you think? Larry Seltzer Contributing Editor, PC Magazine [email protected] http://blogs.pcmag.com/securitywatch/ <http://blogs.pcmag.com/securitywatch/>
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
