Facebook 上貼的所有的連結都是公開的

tl;dr:Facebook 認為這個功能是 feature,不是 bug。

在「Why you shouldn’t share links on Facebook」這邊作者發現在 Facebook 上貼的「任何一個連結」都會產生 object id,而任何一個 object id 都可以直接取得 url,無論權限設定,像是這樣:

而 Facebook 認定這是 feature 而非 bug:

可以想像 NSA 之類的單位與地下組織開始狂掃...

This entry was posted in Computer, Murmuring, Network, Security, WWW and tagged , , , , , , , , , , . Bookmark the permalink.

One Response to Facebook 上貼的所有的連結都是公開的

  1. John Linq says:

    Update: Facebook decided to fix this issue after all. This blog post received way more (media) attention than I’d have expected. I am glad people responded and Facebook listened, but if I had known this article would gain this much attention I’d have spent even more time discussing my concerns with the vendor before going public.

Leave a Reply

Your email address will not be published. Required fields are marked *