Facebook privacy settings are great. Just a few minutes of tweaking allows you to create complex rules that makes sharing on Facebook easy AND safe.
Or so we thought.
I’ll start by prefacing this with two recent developments. The first is that Facebook is now one of Americas most trusted companies, and the second that around 65 million users are now accessing Facebook from mobile devices. It’s these two factors that make the following so concerning.
Have a look at the privacy settings below:
These settings allow friends to see wall posts with the exception of the “Employees” group. This group has specifically been removed rights to see wall posts. Or so the setting says…
This setting is does not work correctly and does NOT work at hiding any wall posts made from Facebook mobile (including the Facebook iPhone app). This bug is a massive privacy concern.
A friend of the above account in the “Employees” group could not only see wall posts from mobile devices, but also post to the wall, clearly against the privacy settings that were in effect. Wall posts from non-mobile devices were not visible.
The following screenshot shows a wall viewed from an account which has been added to the ‘Employees’ group with the privacy settings as above.
We have no way of proving we haven’t ‘shopped the screenshots above but feel free to try the settings with a friend to prove it to yourself. We also hope the previous hole we uncovered should give some credibility to our claims.
So there you have it. If you have your boss hidden from seeing wall posts, you’d better stop your friends posting on your wall from their phones…
On a side note, the privacy setting does work for status updates made from mobile devices. For concerns about your social networking posts showing up on search engine results, you may want to look into a service like Reputation.com which can help clean up your personal image