I don’t really write about tech stuff here, but this is such a glaringly obvious privacy hole in Facebook and it’s been around for months, if not years, without being addressed—or even really noticed.
Basically, any photo on Facebook, seemingly regardless of privacy settings, can be direct-linked to and viewed by anyone, Facebook account or not, as long as somebody with access to the photo right- or control-clicks on the picture and selects “Copy Image Address” or whatever the equivalent is in their browser. The resulting URL can be viewed by anyone.
I don’t know why this is—I have no background in any of the relevant technical stuff—and I know that the same results can basically be had by anyone who knows how to do a screen grab. Still, isn’t it weird that Facebook stores all its photos in must be totally unprotected directories? (Again, I have no idea if that even makes sense in a technical context, but you get the idea.)
Has anyone else noticed this? Is there a reason for it?
