facebook photos not private?

I just noticed: If you know the URL of a photo in facebook, you don’t have to have permissions to see it! You don’t even have to log in to facebook!

Check out, one of mine.

Is this a privacy hole? Is it a feature? Should users be concerned?

2 Responses to facebook photos not private?

  1. KCorax says:

    Its clearly a hole but I woudn’t hold it against them, securing static assets without causing caches to dimiss things immdiatelly is a bitch. Most major hosts just reshuffle things periodically or pay more for bandwidth.

    I think that users should be concerned about whom they add as a friend more than that.

  2. GuyinBlack says:

    that’s what this little program does :)

    http://www.vincentcheung.ca/facedown/