Today, a man COULD have probably deleted all your Facebook photos…

Did you know that Facebook offers a monetary reward for any of you kids out there who can find a serious enough bug or security issue within the Facebook platform?

Many major software developers offer this sort of reward, mostly as an incentive for not selling your findings to unscrupulous hackers.

And Facebook’s most recent pay-out came this week, to a man called Laxman Muthiyah, a web developer who discovered a pretty serious bug that would allow him to delete any photo album on Facebook, belonging to anyone, as long as the privacy settings allowed him to see it.

That’s a pretty serious bug. Certainly serious enough to warrant a $12,500 pay-out from a grateful Facebook who were presumably happy enough that the bug was discovered by a morally sound security researcher and not one of those kids belonging to “The Lizard Squad”.

[NERD]For those interested, the Facebook Graph API wasn’t authorising requests correctly, allowing a user to use their own Facebook “token” to authorise a delete request for any photo album they could reach. For the technically inclined, this is an impeccably straightforward bug that should have been fixed many moons ago.[/NERD]
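To make that concrete, here is a small sketch of this class of bug and its fix. It is an added example, not Facebook's code: the album store, token table, and function names are all hypothetical, and the data is constructed.

```python
# Added illustration of a missing ownership check; not Facebook's code.
# Every name and value below is hypothetical / constructed for the example.
from dataclasses import dataclass


@dataclass
class Album:
    owner_id: str
    visibility: str  # "public" or "private"


TOKENS = {"token-alice": "alice", "token-bob": "bob"}  # token -> user


def fresh_store():
    """Constructed sample data: two albums, both owned by alice."""
    return {"a1": Album("alice", "public"), "a2": Album("alice", "private")}


def can_view(user_id, album):
    return album.visibility == "public" or album.owner_id == user_id


def delete_album_flawed(store, token, album_id):
    """Checks that the token is valid and the album is visible, nothing more."""
    user = TOKENS.get(token)
    if user is None:
        return 401
    album = store.get(album_id)
    if album is None or not can_view(user, album):
        return 404
    del store[album_id]  # any authenticated viewer gets this far
    return 200


def delete_album_checked(store, token, album_id):
    """Same flow, plus the authorisation step: the caller must own the album."""
    user = TOKENS.get(token)
    if user is None:
        return 401
    album = store.get(album_id)
    if album is None or not can_view(user, album):
        return 404
    if album.owner_id != user:
        return 403  # authenticated and able to see it, but not the owner
    del store[album_id]
    return 200
```

The two functions differ by a single check: being logged in and able to see an album is not the same as being allowed to delete it.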

To Facebook’s credit they fixed the bug within 2 hours of Muthiyah telling them about it, and we’re sure they were thankful. If this were to be exploited by a group of criminals, it could have done untold damage to Facebook’s reputation, as millions of photos could have potentially been deleted.

Though we’re confident all of our readers have all their photos backed up somewhere safe, right? 😉

Find out more about Facebook’s white-hat bug bounty program here.
