The Standard Group Plc is a multi-media organization with investments in media platforms spanning newspaper print operations, television, radio broadcasting, digital and online services. The Standard Group is recognized as a leading multi-media house in Kenya with a key influence in matters of national and international interest.

Standard Group Plc HQ Office,
The Standard Group Center,Mombasa Road.
P.O Box 30080-00100,Nairobi, Kenya.
Telephone number: 0203222111, 0719012111
Email: [email protected]

NEWS & CURRENT AFFAIRS

The Nairobian

Facebook forced into embarrassing last minute closure of 'Happy New Year' service

Sci & Tech

By - | Jan 01, 2013

- Daily Mail

Facebook was forced to take down its New Year's Eve message feature for several hours on Monday after it was found to have a flaw that allows anyone to view and even delete personal messages intended for other users.

The social network last week launched its Midnight Message Delivery feature to allow users to send New Year's messages to friends that automatically arrive on the stroke of midnight tonight.

However, in a major embarrassment for the firm, one student blogger noticed that a simple tweak of the URL at the top of the page allows users to access messages written by total strangers - and even delete them.

Aberystwyth University student Jack Jenkins revealed the privacy flaw on Facebook's Midnight Message Delivery features on his blog early this morning.

Keep Reading business

“Facebook have not been very security conscious when setting this up,” he wrote.

“By simple manipulation of the ID at the end of the URL of a sent message on the FacebookStories site, you are able to view other peoples Happy New Year messages.”

By experimenting with the flaw, Mr Jenkins said he was even able to see pictures sent by people.

“It is you may say a pretty harmless flaw, as they tend to be generic messages and you can’t see who sent them (it shows your profile pic next to the message, as if you’ve sent it),” he said.

“However you can see the names of the recipients of the message.

“Some messages do contain a photo, one such message I saw contained a photo of a father and their child, another a family photo, another was a personally written message with a photo.”

A Facebook spokeswoman early this morning confirmed that it was aware of the issue and was working on a fix.

“In the interim we have disabled this app on the Facebook Stories site to ensure that no messages can be accessed.”

However, by 3pm the firm confirmed the service was live again.