Originally posted on TechCrunch:
How many photos do you have on Facebook? How many of those are photos you never thought to back up?
This just-disclosed Facebook bug would have allowed for anyone with a bit of technical know-how to delete any photo on Facebook.
Fortunately, the guy who discovered the bug (Laxman Muthiyah of India) was quick to give Facebook a heads up — and for his troubles, he got a $12,500 bounty. (Sure, the bug could have pretty easily done more than $12,500 worth of damage to Facebook — but that’s not quite how bug bounty projects work.)
Facebook turned around and fixed the bug in about two hours.
Laxman has a breakdown of how it all works here, but here’s the short version: Facebook’s Graph API wasn’t checking permissions properly. If you sent a request to the Graph API to delete another user’s photo album and toss your own Facebook for…
View original 169 more words
Today I did read a Blogpost on Phoenix Viewer Blog. Looks like there will maybe be a new Phoenix Viewer Release someday. The Phoenix Team wrote it’s sounding lately like LL is starting to take a less aggressive stance towards V1 than what we were initially told nearly a year ago.
They say LL has no immediate plans now to break v1 by turning off server side functionality. But they also note that this is rather an impression and not an official statement from Linden Lab.
There is also not an Date set so its not clear when a next Phoenix Viewer Release will come but hopefully within the next few month. They will probably address some of the performance, stability and mesh related issues the Phoenix users are experiencing on the 1600 release.
Read the latest Phoenix Viewer Blogpost here.