Engineer says he has discovered Facebook privacy loophole
An engineer may have uncovered a privacy loophole in Facebook’s new strategy of connecting the Web.
Some people are able to see public events that Facebook users have said they planned to attend, even if they are not friends with the person and even if those users have adjusted their privacy settings. Not all users are affected.
We have reached out to Facebook to find out what's up. We'll let you know when we hear back.
Here's what has happened so far: Ka-Ping Yee, a Google.org software engineer, demonstrated the loophole on his blog by showing a list of Facebook founder Mark Zuckerberg's planned events.
"I didn't opt in for this. I even tried setting all my privacy settings for maximum privacy. But Facebook is still exposing the list of events I've attended, and maybe your event,” Yee wrote.
Events can contain revealing information such as home addresses, names of friends, political or religious activities and the like, Yee pointed out.
It's important to note that this information was already open. But whereas before you would just see a list of people attending an event, now you can see a list of events a person attended, Yee said.
Zuckerberg's events are no longer listed. But other people's public events still are, including some of my own.
You can see what information is revealed about events you planned to attend here.
-- Jessica Guynn