The Midnight Deliveries feature Facebook planned to amaze its users with have been discovered with a serious privacy flaw.
1 Star2 Stars3 Stars4 Stars5 Stars (Rate This)
Loading...

Facebook had it planned for the New year, but the witless code running behind to make it happen seems have revolted. The Midnight Deliveries feature Facebook planned to amaze its users with have been discovered with a serious privacy flaw.

Facebook introduced the Midnight Deliveries feature last week targeting the New Year. This feature would take messages from the sender and will deliver the messages to the recipients as the clock strikes midnight on New Year’s eve.

The feature was accessible (now under maintenance mode) through the URL FacebookStories.com/MidnightDelivery. When a message is saved for sending the system returns a URL in the format

http://www.facebookstories.com/ midnightdelivery/confirmation?id=XXXXX

The sender can see the message by accessing this URL. The issue is, by changing the digits under the “id” tag anyone logged into Facebook can see messages sent by other users; the name of the original sender is replaced by the name of the logged in user, and he/she is granted full access to the message. That means, anyone can modify the message, and even delete the message. However, this flaw can’t be used to target specific Facebook users.

This flaw was first made public by a student named Jack Jenkins in his blog. Later on, the story was picked up and confirmed by major tech news sites.

Facebook has also took the issue seriously, and currently trying to fix the issue. If you visit the Midnight Deliveries site, you will see the following message now.
FB Midnight Delivery

Source: TheVerge

Buy Cheapest Related Product From Amazon.com


Netbook Market Inches Towards An End, ASUS And Acer Pulling The Plug

Michigan Passes Law To Protect Online Privacy, Especially In Social Networks
You can also press the left/right arrow key on your keyboard to go to previous/next post
  On December 31, 2012(3 years, 9 months ago.)

You May Also Like:

What Do You Think?

Leave a Reply




Loading Facebook Comments ...

FTC Disclosure: Some of the links of this website are "affiliate links." This means if you click on the link and purchase the item, we will receive an affiliate commission.


Recent Search

Recent Tutorials

There is a high-risk XSS Vulnerability in W3 Total Cache, and we have got the guide to the fix for you.
Check out this tutorial to know how to install Apple watchOS 3 beta certificate on your Apple Watch and start enjoying the new version.
If you are trying to jailbreak iPhone, iPad or iPod on iOS 9.2 - 9.3.3 without using a computer or Apple ID, then check this video tutorial.
Pokemon Go users are complaining about the crashing and server issues. Check out the tutorial to solve error problems and thanks us later.
Turning off Wi-Fi Assist is a great way to save mobile data since it automatically starts using cellular data when Wi-Fi signal is poor .
If you want to secure your SIM card from others using it, then check out this tutorial to know how to set up the SIM Pin code on your iPhone.
CiderTV is a great alternative to control Apple TV from the Notification Center. Check out this tutorial to set up CiderTV on your iPhone.
Are you annoyed by the split screen mode on the iPhone 6 Plus or 6s Plus? Check out this quick tutorial to turn off split screen feature.
If you could not wait to installed the iOS 10 beta version on you iPhone and now struggling for the errors, then this tutorial is for you.
Siri might not understand the question you asked. But you can use Siri by editing the text that you asked & it will give an updated answer.
Close You Have To Login
User:
Pass:
Login With »Login With TwitterLogin With Facebook