Instagram Acts Quickly, Patches ‘Friendship Vulnerability’ to Ensure Privacy

Gallery Icon

bill-swift - July 23, 2012

When programmers encounter some sort of vulnerability in popular and well-known apps, they report it to the company so it gets fixed (and maybe get compensated for it through the developer's bug bounty program.)

When hackers discover these vulnerabilities, they take advantage of them to steal personal information, passwords, and even users' money.

So it was pretty fortunate that it was Spanish security researcher Sebastián Guerrero who came across a 'friendship vulnerability' on Instagram, which its developers subsequently fixed within an impressively short period.

Guerrerro identified a security hole that could be used to launch a brute force attack on Instagram, which would allow hackers to 'add' themselves as Instagram friends with anyone they wanted to. This would give them access to the users otherwise private photos and information.

This would obviously have been a big privacy issue, given Instagram's security options would be rendered moot.

Guerrero demonstrated the hole by adding himself to Mark Zuckerburg's Instagram account, posting: Congratulations Mark for Instagram acquisition. When would it be eligible under the bounty bug program?"

Instagram has since fixed the bug, and it seems all is well once again in Zuckerberg's Instagram universe.

Tagged in: gear ,

Disclaimer: All rights reserved for writing and editorial content. No rights or credit claimed for any images featured on unless stated. If you own rights to any of the images because YOU ARE THE PHOTOGRAPHER and do not wish them to appear here, please contact us info(@) and they will be promptly removed. If you are a representative of the photographer, provide signed documentation in your query that you are acting on that individual's legal copyright holder status.