Facebook Pages give public figures, business, and other entities a presence on Facebook that isn't tied to an individual profile. The accounts behind those pages are anonymous unless a Page owner opts to make the admins public. You can't see, for example, the names of the people who post to Facebook on WIRED's behalf. But a bug that was live from Thursday evening until Friday morning allowed anyone to easily reveal the accounts running a Page, essentially doxxing anyone who posted to one.
All software has flaws, and Facebook quickly pushed a fix for this one—but not before word got around on message boards like 4chan, where people posted screenshots that docked the accounts behind prominent pages. All it took to exploit the bug was opening a target page, and checking the edit history of a post. Facebook mistakenly displaying the account or accounts that made edits to each post, rather than just the edits themselves.
"We quickly fixed an issue where someone could see who edited or published a post on behalf of a Page when looking at its edit history," Facebook said in a statement. "We are grateful to the security researcher who alerted us to this issue."
Facebook says the bug was the result of a code update that was pushed Thursday evening. It's not something most people would have encountered on their own, since it took navigating to a Page, viewing an edit history, and realizing that there shouldn't be a name and profile picture assigned to edits to exploit it. Still, despite the Friday morning fix, screenshots circulated on 4chan, Imgur, and social media appearing to show the accounts behind the of ..
Support the originator by clicking the read the rest link below.
