Instagram’s own posts are not as private as you think

Related Articles

Nokia Leads the Global Rankings in Updating Smartphone Software and Security

Nokia Leads the Global Rankings in Updating Smartphone Software and Security

Apple fixes the vulnerability that allowed the iPhone to be broken

Apple fixes the vulnerability that allowed the iPhone to be broken

Only five of the leading providers account with about a quarter of the vulnerabilities

Only five of the leading providers account with about a quarter of the vulnerabilities

The Instagramphoto sharing platform has a serious securityvulnerability in how it handles private accounts, so that photos and videos posted to private accounts are not as private as they may seem.

A report from BuzzFeed shows how they can be accessed, downloaded, and publicly shared by friends and followers, so that this step requires only a rudimentary understanding of HTML and a web browser.

This is done from a series of mouse clicks on any web browser to reveal the static URL of posts and private stories cached on servers. Anyone can use a web browser, such as google chrome, to scan the source code on a webpage using the Check Items tool.

By accessing the “Img” section, you can find the URL of any Instagram image clicked, whether it is a disappearing story or an image published in the user’s feed.

This URL can then be shared and displayed by anyone, including people who are not following the respective account. According to the tests, JPEG and MP4 files can be viewed, downloaded, and shared in this way.

In addition to revealing static URLs for images posted to a private account, this method also allows the withdrawal of URLs for account images of other Instagram users who may have interacted with this post and may have their own accounts as well.

The report explains that the private account must first be tracked in order to access the user’s feeds and stories, but the flaw and ease of exploitation are unintentional failures by the Instagram privacy and security teams.

URLs continue to retrieve images from Facebook servers even after deleting posts, for images published in the feed and for stories deleted after 24 hours. The story URLs allow them to be returned for several days after the expiration date.

The report states that the same method retrieves the URLs of private Facebook posts and photos.

Source : BuzzFeed

Similar Articles:

How to Secure Your Identity & Become Anonymous Online in 2019

How to Secure Your Identity & Become Anonymous Online in 2019

It’s Almost Impossible to Tell if Your iPhone Has Been Hacked

It’s Almost Impossible to Tell if Your iPhone Has Been Hacked

An exposed password let a hacker access internal Comodo files

An exposed password let a hacker access internal Comodo files

Australian Child-Tracking Smartwatch Vulnerable to Hackers

Australian Child-Tracking Smartwatch Vulnerable to Hackers