In social networking site, Facebook, a bug allowed users to see other user’s personal chat, prompting the social-networking company to disable its internal instant-messaging service. One can also see their friend’s pending requests. This bug was first noted by the Technology news site TechCrunch and posted a video that demonstrates how the bug could be browbeaten. Facebook said Wednesday on its official corporate page on the site, People had to manipulate "in a specific way" to exploit the now-patched hole the site's feature that lets members preview how their profile looks to each of their friends.

One of the Facebook spokeswoman said via e-mail, “For a limited period of time, a bug permitted some users’ chat messages and pending friend requests to be made visible to their friends by manipulating the “preview my profile” feature of Facebook privacy settings. When we received reports of the problem, our engineers promptly diagnosed it and temporarily disabled the chat function. We also pushed out a fix to take care of the visible friend requests which are now complete. Chat will be turned back on across the site shortly. We worked quickly to resolve this matter, ensuring that once the bug was reported to us, a solution was quickly found and implemented.” When some one asked her how long the vulnerability existed, she replied: "We don't have specifics on how long the vulnerability existed, but it was for a short period of time."

An official with Consumer Watchdog, John Simpson was unsatisfied with this incident and said via e-mail, "Once again we see what happens when companies push the technological envelope with little concern for consumers' privacy rights." An EFF senior staff technologist, Peter Eckersley said, "the bug reinforces the Electronic Frontier Foundation's blanket recommendation for users on Facebook". He also said in the phone interview "What you don't want the world to know about, don't put it on Facebook”, "Facebook's security engineering is improving, but it's still not good enough that we'd ever advise people to put private, sensitive information there."

At a time when privacy concerns regarding Facebook have heated up, the bug comes, after the company recently introduced features that allow third-party websites to tap into users' profile data to personalize their experience for them. Before two weeks, Facebook decided it had refurbished its application development platform so that its site and external sites can web their users' "social graphs" to individually customize their interaction with them. Open Graph API (application programming interface) and Open Graph Protocol is a system which help Facebook to mark up objects in a uniform way so that Facebook and participating sites can understand them properly. For developers, Facebook released plug-ins to easily incorporate on their Web pages Facebook functionality, such as "Like" button, which lets end-users express interest in content and inform participating Web sites.

A Forrester Research analyst, Augie Ray said, “Facebook's site has become a highly complex technology operation serving a massive number of users, which increases the likelihood of breakdowns, so the company must be increasingly vigilant about preventing and fixing bugs and malfunctions.” He also said in phone interview, “As Facebook grows in size and importance, with hundreds of millions of people using it to store and share very personal information; the stakes are sky-high whenever a bug causes a security or privacy breach.”

Ray said, “Not only can these incidents erode the trust end-users and advertising partners have on Facebook, but they also put the company at risk of civil lawsuits and government penalties”. He added "Today's incident doesn't seem like an overwhelmingly substantial security breach, but it is serious enough to raise questions on the minds of end-users as to how much they can trust Facebook with their information" ,"Facebook must make sure incidents like this one don't accumulate to the extent they become a bigger legal or trust issue.” He said, “Once Facebook concludes its internal investigation of what went wrong and why, it would be in its best interest to provide more information about its findings, because transparency will help repair confidence among users and partners.”

Facebook's CEO, Mark Zuckerberg said, "People can have instantly social and personalized experiences everywhere they go." Altimeter Group analyst Jeremiah Owyang predicts this incident like this will happen again and said via e-mail, “Don’t expect this to be the last privacy mishap. As more users flock to Facebook, it'll continue to innovate and change features in order to grow”, “Most consumers don't give privacy a hard think until it impacts their lives directly."

Video of Facebook Privacy Settings Exploit from YouTube:

You Might Also Like :

• Facebook "Like" button Privacy Issue
• Why you Should Signup/Login to Facebook?
• Some Useful Facebook Tips & Tricks
• Benefits of Social Networking Sites
• Popular articles on facebook
• Circles - A new Google Social Network to be launched soon