A Shocking Tale of How Secure Your Facebook Profile Is

Facebook is one of the most popular social networking sites in the country and we would expect them to take all the security issues very seriously. However, there is a shocking tale that we have come across.

A tech friend of ours, Vivek Bansal had written a script 11 months ago, which enabled any mobile or web application to post any message, image or video on your timeline. What’s more the same script could even post the same content even on your friend’s timeline on your behalf and all this without taking any prior permission from you. To show how it used to work, see the video demo.


Like any responsible netizen, Vivek contacted the security staff at Facebook about the bug. For bringing this bug to Facebook’s attention, Vivek was awarded $2,000 and in January 2014 he even got a confirmation that the bug had been fixed.

Screenshot of the email:


However, 10 months after Facebook had confirmed patching the bug, it still continues to work! Vivek had made another video of the same script in action on November 5, 2014 and even showed us a demo of the same today.

Well, we are not sure if the bug was fixed in the first place or not but we would surely want Facebook to be much more careful with things such as these. What do you think of the entire episode, do let us know your views on the same in the comments below.