Do you upload photos to facebook, create album and set privacy settings to it? I do it, but surprisingly today I found out that it may be hidden from people present on facebook but those personal photos/albums are not really protected.
To give you a demo[use Firefox], Open any of your album. Click on the photo, once opened right click on it and select View Image. Here try to notice the change in url or in more techie terms the connectionstring.
For instance STEP#1
I have opened one of my private album and opened the photo which is: https://www.facebook.com/photo.php?fbid=2495739472781&set=a.2495734472656.144476.1231669070&type=3&theater
If you copy and paste this url in browser, without or even by logging into facebook you won't see the picture. Ideally you'll get error as
This album is shared only with one person than me. So ideally no body else than her can see this photo/album.
STEP #2
If I right click and select view image I get a new connectionstring/url which is
https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash4/314985_2495739472781_50463433_n.jpg
Try copy/paste in browser and you'll clearly see the photo, even without logging into Facebook.
I feel if hackers will be able to decrypt the connection string and understand the pattern it might be easy to see all such photos which are shared privately on facebook, even without logging into it.
I would like to know your views/comments on this, prolly from Techie perspective!
To give you a demo[use Firefox], Open any of your album. Click on the photo, once opened right click on it and select View Image. Here try to notice the change in url or in more techie terms the connectionstring.
For instance STEP#1
I have opened one of my private album and opened the photo which is: https://www.facebook.com/photo.php?fbid=2495739472781&set=a.2495734472656.144476.1231669070&type=3&theater
If you copy and paste this url in browser, without or even by logging into facebook you won't see the picture. Ideally you'll get error as
This album is shared only with one person than me. So ideally no body else than her can see this photo/album.
STEP #2
If I right click and select view image I get a new connectionstring/url which is
https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash4/314985_2495739472781_50463433_n.jpg
Try copy/paste in browser and you'll clearly see the photo, even without logging into Facebook.
I feel if hackers will be able to decrypt the connection string and understand the pattern it might be easy to see all such photos which are shared privately on facebook, even without logging into it.
I would like to know your views/comments on this, prolly from Techie perspective!
