Dislike: Someone found a way to delete your Facebook videos remotely
Don't worry - it's patched now
Sometimes the biggest exploits come from the smallest of places.
This turned out to be the case for Facebook, as researcher/computer whiz Dan Melamed managed to find a simple trick that lets a user turn off comments - and outright delete - videos uploaded by someone else.
The exploit Melamed reported is deceptively straightforward. The basic explanation is that while uploading their own video to an event page, a user can change the video's ID number mid-post to that of another user's video.
This results in the targeted video being uploaded instead, along with the unintended user now having control over it. This would allow them to either disable comments or delete the video entirely, just as if they were authorized by the video's original owner.
While that might be a blessing to anyone with a compromising video of them online from that crazy New Year's party or anything else best kept off Facebook, Melamed saw the potential harm in the bug and demonstrated it to the social media giant so it could be patched.
The icing on the cake? For his efforts, Melamed was awarded a $10,000 bounty by Facebook shortly after showing the social media company the exploit.
Even though Melamed reported the bug last summer, you can now see the so-called hack in motion in the video below:
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.
Via Gizmodo
Claude AI and other systems could be vulnerable to worrying command prompt injection attacks
Amazon teams up with Samsung rival to design and build bespoke next generation tech that will help AWS pull ahead in the hyperscaler race
Funko Pop's AI-powered 'Brand Protection' service temporarily takes down indie gaming site, proving that automation without humans is a mistake