Published Date: 2018-12-14
| Postmortem Analysis | |
|---|---|
| Timeline | 1. The software failure incident happened in September 2018. [78881, 78912, 78823] |
| System | 1. Facebook's API system [78881, 78912] 2. Facebook's photo-sharing system [78881, 78912] 3. Facebook's data protection system [78823] 4. Facebook's privacy and security practices [78823] 5. Facebook's bug detection and prevention mechanisms [78880] |
| Responsible Organization | 1. Facebook [78881, 78912, 78823, 78880] |
| Impacted Organization | 1. Users who had given permission to third-party apps to access their photos through the Facebook login function [78881, 78912] 2. Third-party app developers who may have unknowingly accessed users' photos due to the bug [78823] |
| Software Causes | 1. A Facebook bug in the way photos were shared with third-party apps led to the incident, allowing developers to access photos users had uploaded but never posted [78881, 78912]. 2. The bug was a result of a complex interaction of three distinct software bugs that impacted the 'view as' feature, allowing attackers to steal Facebook access tokens [78881]. 3. Another bug in Facebook's software allowed third-party apps to access a broader set of photos than usual, including photos that users had started to post but abandoned before publishing [78912]. 4. A bug in Facebook's software allowed outsiders access to private photos of users, potentially affecting 6.8 million people [78823]. 5. A bug in Facebook's software caused a glitch in June that publicly published the posts of 14 million users that were intended to be private [78880]. |
| Non-software Causes | 1. Lack of proper oversight and control over third-party app permissions and access to user data [78881, 78912, 78823] 2. Failure to fully safeguard personal data of users leading to privacy breaches [78912, 78823] 3. Inadequate response and delay in notifying regulators about data breaches [78823] 4. Allegations of improper data harvesting and misuse of user data for political purposes [78880] 5. Accusations of selling access to user data to advertisers [78880] 6. Collection of text messages and phone call records without explicit user consent [78880] |
| Impacts | 1. The software failure incident allowed third-party apps to access photos that users had uploaded but never posted on Facebook, affecting up to 6.8 million users and around 1,500 apps [78881, 78912]. 2. The incident raised concerns about user privacy and data security, prompting scrutiny from regulators in the United States and Europe [78823]. 3. The incident added to Facebook's ongoing privacy issues, including previous incidents such as the Cambridge Analytica data scandal, a bug in June that exposed private posts of 14 million users, and a security breach in September affecting 30 million accounts [78880]. 4. The bug potentially violated Facebook's 2011 consent decree with the Federal Trade Commission, which requires the company to protect user data and obtain user consent before overriding privacy choices [78823]. 5. The incident could lead to fines and penalties for Facebook under the General Data Protection Regulation (GDPR) in Europe, with potential fines of up to 4% of Facebook's global revenue [78823]. |
| Preventions | 1. Implementing stricter access controls and permissions for third-party apps to prevent unauthorized access to user data [78881, 78912]. 2. Conducting thorough testing and quality assurance processes to identify and fix software bugs before they impact users [78823]. 3. Enhancing data protection measures and security protocols to safeguard user information from potential breaches and unauthorized access [78880]. |
| Fixes | 1. Implement stricter data access controls and permissions for third-party apps to prevent unauthorized access to user photos [78881, 78912]. 2. Enhance bug testing and quality assurance processes to catch and address software bugs before they impact user data [78823]. 3. Develop better monitoring and auditing tools to quickly detect and respond to software bugs that may compromise user privacy [78880]. | References | 1. Facebook developer, Tomer Bar [78881] 2. Facebook blog post [78912] 3. Engineering director at Facebook, Tomer Bar [78823] 4. Facebook's official statements and announcements [78880] |
| Category | Option | Rationale |
|---|---|---|
| Recurring | one_organization | (a) The software failure incident having happened again at one_organization: - Facebook has faced multiple software failure incidents related to user privacy and data security. For example, in March, a whistleblower revealed the Cambridge Analytica scandal where personal data of 50 million users was harvested without consent [Article 78880]. This incident was followed by a bug in June that caused a glitch exposing the private posts of 14 million users [Article 78880]. Additionally, in September, hackers accessed and stole personal information from nearly half of the 30 million accounts affected in a security breach [Article 78880]. (b) The software failure incident having happened again at multiple_organization: - The articles do not mention similar incidents happening at other organizations. |
| Phase (Design/Operation) | design, operation | (a) The software failure incident related to the design phase is evident in the Facebook bug that allowed app developers to see photos users had uploaded but never posted. This bug occurred due to an error in the way Facebook shares photos with third parties, impacting photos that people uploaded but chose not to post. The bug was a result of a complex interaction of three distinct software bugs, affecting the 'view as' feature and allowing attackers to steal Facebook access tokens [78881, 78912]. (b) The software failure incident related to the operation phase is seen in the Facebook bug that allowed third-party apps to wrongly access the photos of up to 6.8 million users. This bug occurred over a 12-day period in September, allowing roughly 1,500 apps to access a broader set of photos than usual, including photos that users may have started to post but abandoned before publishing [78912, 78823]. |
| Boundary (Internal/External) | within_system | (a) within_system: - The software failure incident related to the Facebook bug that allowed app developers to see photos users had uploaded but never posted was due to an error within Facebook's system. The bug allowed third-party apps to access a broader set of photos than usual, including photos that users had not posted publicly [78881, 78912, 78823]. - The bug was a result of a complex interaction of three distinct software bugs within Facebook's system, impacting the 'view as' feature and allowing attackers to steal Facebook access tokens [78881]. - Facebook acknowledged the bug and mentioned that they had fixed the issue, but some third-party apps may have had access to a broader set of photos due to this bug [78823]. - The bug was discovered internally by Facebook on September 25, and the company took steps to address the issue and notify regulators [78823]. (b) outside_system: - The incident was not caused by factors originating from outside the system but was a result of an internal software bug within Facebook's platform [78881, 78912, 78823]. |
| Nature (Human/Non-human) | non-human_actions, human_actions | (a) The software failure incident occurring due to non-human actions: - The software failure incident in Article 78881 was caused by a Facebook bug that allowed app developers to see photos users had uploaded but never posted. This bug occurred for two weeks in September and was an error in the way Facebook shared photos with third parties [78881]. - In Article 78912, a major software bug allowed third-party apps to wrongly access the photos of up to 6.8 million users, including images that people began uploading to the site but didn’t post publicly. This bug occurred over a 12-day period in September and was a result of a software bug that allowed developers to access photos they weren’t supposed to on Facebook Marketplace and Stories [78912]. - Article 78823 also reported a bug in Facebook that allowed outsiders access to private photos of potentially 6.8 million users. This bug was discovered by Facebook and fixed, but it allowed third-party apps to access a broader set of photos than usual, including photos that users had uploaded but not posted publicly [78823]. (b) The software failure incident occurring due to human actions: - The incident in Article 78880 highlights various issues related to user privacy on Facebook, including the Cambridge Analytica scandal, a bug in June that caused a glitch in privacy settings, a security breach in September, and accusations in a lawsuit regarding the handling of user data. These incidents involve human actions such as improper data harvesting, software glitches, and potential mishandling of user data [78880]. |
| Dimension (Hardware/Software) | software | (a) The software failure incident related to hardware: - None of the articles provided information about the software failure incident being caused by hardware issues. (b) The software failure incident related to software: - The software failure incident reported in the articles is due to a software bug that allowed third-party apps to access users' photos on Facebook without proper authorization. This bug resulted in apps being able to access a broader set of photos than usual, including photos that users had uploaded but not posted publicly [78881, 78912, 78823, 78880]. |
| Objective (Malicious/Non-malicious) | malicious, non-malicious | (a) The software failure incident related to the Facebook bug allowing third-party apps to access users' photos falls under the non-malicious category. The incident was described as a bug or error in the system that allowed unintended access to photos by third-party apps [78881, 78912, 78823]. (b) On the other hand, the incident involving the Cambridge Analytica scandal where personal data of Facebook users was harvested without their knowledge or consent, as well as the security breach that gave hackers full access to Facebook accounts, can be categorized as malicious software failures as they involved intentional actions to exploit vulnerabilities and access data improperly [78823, 78880]. |
| Intent (Poor/Accidental Decisions) | poor_decisions, accidental_decisions | (a) poor_decisions: The software failure incident related to the Facebook bug that allowed third-party apps to access users' photos was primarily due to poor decisions made in the software development process. The incident was a result of a bug in the way Facebook shared photos with third parties, which allowed apps to see photos users had uploaded but never posted publicly [78881, 78912, 78823]. This bug was a result of a complex interaction of three distinct software bugs, which led to the vulnerability that allowed attackers to steal Facebook access tokens and take over people's accounts [78881]. (b) accidental_decisions: The incident could also be attributed to accidental decisions or unintended consequences. For example, the bug allowed developers to access photos that users had uploaded but not posted publicly, including draft photos, due to the way Facebook stored these images for potential future posting [78912, 78823]. Additionally, the bug may have allowed developers to access photos on Facebook's Marketplace and Stories that they were not supposed to see [78912]. |
| Capability (Incompetence/Accidental) | development_incompetence | (a) The articles report on a software failure incident related to development incompetence. The incident involved a bug in Facebook's software that allowed third-party apps to access users' photos, including those that were uploaded but not posted publicly. This bug was attributed to an error in the way Facebook shared photos with third parties, impacting up to 6.8 million users and around 1,500 apps built by 876 developers [78881, 78912, 78823]. (b) The incident was not accidental but rather a result of a software bug that was introduced due to development incompetence, leading to unauthorized access to users' photos by third-party apps. |
| Duration | temporary | The software failure incident related to the Facebook bug that allowed third-party apps to access users' photos was temporary. The bug occurred over a 12-day period in September [Article 78912]. It was fixed by Facebook after being discovered on September 25 [Article 78823]. The incident was not permanent as it was a result of a specific bug within a limited timeframe and was not a continuous issue. |
| Behaviour | omission, other | (a) crash: - The articles do not mention a crash as the behavior of the software failure incident. (b) omission: - The software failure incident involved omission where third-party apps were able to access photos that users had uploaded but never posted on Facebook. This was due to a bug that allowed access to a broader set of photos than usual, including those that users had started to post but abandoned before publishing [78823, 78912]. (c) timing: - The software failure incident did not involve timing issues where the system performed its intended functions too late or too early. (d) value: - The software failure incident did not involve the system performing its intended functions incorrectly in terms of the value provided to users. (e) byzantine: - The software failure incident did not exhibit byzantine behavior where the system behaved erroneously with inconsistent responses and interactions. (f) other: - The behavior of the software failure incident can be categorized as a bug that allowed third-party apps to access photos that users had uploaded but never posted on Facebook, impacting up to 6.8 million users. This bug was a result of an error in the way Facebook shared photos with third parties, allowing access to photos in various parts of the site beyond the newsfeed [78881, 78912]. |
| Layer | Option | Rationale |
|---|---|---|
| Perception | None | None |
| Communication | None | None |
| Application | None | None |
| Category | Option | Rationale |
|---|---|---|
| Consequence | property | (d) property: People's material goods, money, or data was impacted due to the software failure The software failure incident related to a Facebook bug allowed third-party apps to access users' photos, including images that were uploaded but not posted publicly. This bug potentially affected up to 6.8 million users and allowed roughly 1,500 apps to access a broader set of photos than usual, including photos that users had started to post but abandoned before publishing. Facebook stated that it was contacting developers to delete any photos they may have retrieved improperly [Article 78881, Article 78912, Article 78823]. |
| Domain | information, finance, government | (a) The software failure incident reported in the articles is related to the industry of information, specifically social networking and online photo sharing platforms like Facebook. The incident involved a bug that allowed third-party apps to access users' photos, including those that were uploaded but not posted publicly on Facebook [78881, 78912, 78823, 78880]. (h) The incident also has implications for the finance industry as it raises concerns about data privacy and security practices, which are crucial in financial transactions and online banking services [78823]. (l) Additionally, the government sector is impacted as regulators in both the United States and Europe are scrutinizing Facebook's handling of user data and privacy practices, potentially leading to fines and penalties for the company [78823, 78880]. (m) The incident is not directly related to any other industry mentioned in the options provided. |
Article ID: 78881
Article ID: 78912
Article ID: 78823
Article ID: 78880