Skip to main content
  1. Home
  2. Computing
  3. News

Facebook squashes bug that let anyone delete any picture or animation

By

Facebook 3D posts
Image used with permission by copyright holder
If you’re putting your life out there on Facebook, then you’re probably hoping your priceless images remain around for all posterity. At the very least, you want to be the one to remove them from the site should you decide they contradict your recent conversion to Buddhism. Fortunately for you and every other Facebook user, a bug was discovered and fixed that would have allowed anyone to easily delete your pictures and animated GIFs.

As reported by Security Week, the flaw was identified by Iranian security researcher Pouya Darobi, who was taking a look at a new Facebook polling feature and discovered a simple method for deleting any image or animation posted on Facebook. Thanks to Facebook’s generous bug bounty program, which put $10,000 in Darobi’s bank account, the bug was promptly reported and Facebook implemented a temporary fix on November 3, the day the bug was reported. A permanent fix came out on November 5.

Recommended Videos

At the heart of the program was a new polling feature that Facebook rolled out at the beginning of November. The feature allows users to create polls and add pictures and GIF animations. The poll creation process generates code that includes the unique image identification number for each picture and animation that is included with the poll.

Please enable Javascript to view this content

If the poll post was subsequently deleted, then the images were deleted as well. The problem was caused by the ability to replace the image ID in the code with that of any other image on Facebook, including images owned by other users. Deleting the post deleted those images as well.

Related

This is not the first bug that allowed users to delete Facebook materials. Other bugs have been discovered by researchers, like Darabi, that allowed the deletion of comments, videos, and photos. Like this bug, the method in many instances revolved around simply replacing the asset ID.

Darabi has made a pretty penny reporting bugs to Facebook, with a bug reported in 2015 that netted him $15,000 from the social media giant and $7,500 for another bug reported in 2016. All told, Facebook has shelled out well in excess of $5 million in its bug bounty program. It’s enough to make you want to spend some time locking down your Facebook account.

Editors’ Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
Details leak on the upcoming RTX 5070 Ti and RTX 5070 GPUs
The back of the Nvidia RTX 4080 Super graphics card.

As we draw closer to January, leaks and speculation around Nvidia’s next-generation RTX 50-series GPUs are echoing all over the internet. The latest scoop comes from renowned leaker Kopite7kimi providing insights into Nvidia's midrange Blackwell graphics cards, the RTX 5070 Ti and GeForce RTX 5070.

As per the leaks, the RTX 5070 Ti is set to feature the GB203-300-A1 GPU, equipped with 8,960 CUDA cores, offering a substantial increase in processing power compared to its predecessor. The card is rumored to include 16GB of GDDR7 VRAM on a 256-bit memory interface, providing enhanced memory bandwidth for demanding applications such as 4K gaming and video editing.

Read more
It’s not just you: ChatGPT is currently down
OpenAI and ChatGPT logos are marked do not enter with a red circle and line symbol.

OpenAI's ChatGPT platform and Sora video generator have gone offline and are currently not responding to user queries.

Social media accounts began posting about the outage around 1:30 p.m. ET on Thursday, which coincided with a surge of reports to Down Detector. The company confirmed the outage in a blog post at 2 p.m. ET stating, "we are currently experiencing an issue with high error rates on ChatGPT, the API, and Sora. We are currently investigating and will post an update as soon as we are able."

Read more
Best Buy just slashed the price of the LG Gram SuperSlim laptop by $500
The LG Gram SuperSlim laptop on a white background.

In one of the most attractive laptop deals that we've recently come across, Best Buy has slashed the price of the LG Gram SuperSlim from $2,000 to $1,500. That's a steal when you consider the capabilities of this powerful device, so you're going to have to hurry if you want to take advantage of this offer because we're pretty sure that there will be a lot of interested shoppers. Add the laptop to your cart and complete the checkout process before the bargain gets taken down -- along with the $500 discount.

Why you should buy the LG Gram SuperSlim laptop
When you turn on the LG Gram SuperSlim, the first thing you'll notice about this laptop is its amazing display. It comes with a 15.6-inch OLED screen with Full HD resolution and a 0.02ms response time, for sharp and smooth visuals with realistic details and color, whether you're watching streaming shows or working on any type of project. However, even with this decent-sized display, the laptop stays true to its SuperSlim name, as it weighs just over two pounds and is thinner than an AA battery. It achieves this while maintaining durability, as it passed military-grade tests for vibration, high and low temperature, and more. There's growing interest in thin laptops, and LG is filling that niche with the likes of the LG Gram SuperSlim and the LG Gram UltraSlim.

Read more