Why doesn't FB implement restriction/ACL for accessing uploaded photos?

15 points| hrasyid | 12 years ago | reply

Facebook claims to allow restricting sharing to friends, certain networks, or even custom when I upload photos.

http://i.stack.imgur.com/673Bu.jpg

But it appears that this security is only in effect for the page where the photo is hosted. One can use the "Copy image URL" or the equivalent in one's browser, and you can forward this URL to anyone, who will be able to see it without even logging in to Facebook.

This looks weird, because I've seen companies without a superstar IT security team be able to restrict their images/resources with LDAP or something similar. Why can't Facebook do this?

10 comments

[+] patio11|12 years ago|reply
This is a product decision.

It may be partly informed by 1) If anyone sees a photo, they can redistribute it regardless of what our restrictions are serverside, so might as well not give users unreasonable expectations. 2) We really WANT people to share photos. That's basically what Facebook's core interaction is. 3) Implementing this additional security does not increase any metric which Facebook cares about. 4) Users occasionally rely on this feature to post pictures which they host on Facebook to other sites on the Internet, which we want to support, because it means they post photos on Facebook.

[+] grinich|12 years ago|reply
Additionally, it means serving photo assets can be way faster. The authentication step is done at page generation (essentially inserting an obscure URL), so the photo can be moved to a CDN or non-application code server.

It's pretty standard practice. For example, Gmail does something very similar for attachments.
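
The split grinich describes, as an added example that is not part of the thread and is not Facebook's or Gmail's actual code: the ACL is checked once at page generation, and the static edge validates only the URL it is handed. The HMAC signature, expiry parameter, key, ACL table and function names are assumptions for illustration; the expiry goes beyond the plain obscure URL in the comment and bounds how long a forwarded link keeps working.

```python
import hashlib
import hmac
import time

# Constructed demo values (assumptions): key shared by app server and edge, toy ACL.
EDGE_KEY = b"demo-key-not-a-real-secret"
ACL = {"photo123.jpg": {"alice", "bob"}}  # photo -> viewers the owner allowed


def _sign(path: str, expires: int) -> str:
    """HMAC over path and expiry, so neither can be changed without the key."""
    msg = f"{path}|{expires}".encode()
    return hmac.new(EDGE_KEY, msg, hashlib.sha256).hexdigest()


def render_photo_url(viewer: str, photo: str, now: int, ttl: int = 300):
    """App server, at page generation: the only place the ACL is consulted."""
    if viewer not in ACL.get(photo, set()):
        return None  # this viewer is never handed a working URL
    path = f"/photos/{photo}"
    expires = now + ttl
    return f"{path}?e={expires}&sig={_sign(path, expires)}"


def edge_serve(url: str, now: int) -> int:
    """CDN edge: no session and no ACL lookup, only the URL is validated."""
    path, _, query = url.partition("?")
    params = dict(p.split("=", 1) for p in query.split("&") if "=" in p)
    try:
        expires = int(params["e"])
        sig = params["sig"].encode()
    except (KeyError, ValueError):
        return 403
    if not hmac.compare_digest(sig, _sign(path, expires).encode()):
        return 403  # path or expiry was altered, or the signature was guessed
    if now > expires:
        return 410  # the link has aged out
    return 200  # whoever presents a valid URL gets the bytes


if __name__ == "__main__":
    t0 = int(time.time())
    url = render_photo_url("alice", "photo123.jpg", t0)
    print(url)
    print("viewer on the ACL:", edge_serve(url, t0))
    print("same URL forwarded to anyone:", edge_serve(url, t0 + 10))
    print("after expiry:", edge_serve(url, t0 + 3600))
```

The edge returns 200 to any holder of an unexpired URL, which is the behaviour the original post observes; the signature only stops guessing and tampering, and the expiry only limits the window.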

[+] buro9|12 years ago|reply
It's hard to do when you have users counted in billions, and photos counted in trillions, and then have those photos stored across multiple datacenters and served globally through many CDN endpoints.

It is undeniably possible, but the cost (money, performance) is so extreme and the benefits so small (the edge case of people sharing confidential things by copying file URLs when they are always going to be able to take a screenshot in an undetectable and sharable way)... that it just does not come out as a thing worth doing.

Then when one considers that the faster you can make file serving and the UX of the web site and app, the more responsive and higher the engagement... which means increased likelihood to click adverts too.

So you have a huge cost, with little benefit, vs a drop in speed and potential impact to advert revenue.

No reasonable company is going to say that this should be done unless there is an overwhelming business reason to do so (i.e. you are Box and storing company secrets and the liability of leaking them is extreme).

[+] the_jackal|12 years ago|reply
What are the costs, though, exactly? Just how worthwhile would it be?
[+] wslh|12 years ago|reply
I always thought that configuring Facebook permissions is more complex than administering Windows Advanced Server.
[+] patmcc|12 years ago|reply
Anyone able to view an image can share it with other people if they really want to - maybe they need to save it and host it themselves, or take a screenshot, or even use their phone to take a picture of the screen. Facebook has simply opted not to put any effort beyond the trivial into this.
[+] ohsnap|12 years ago|reply
They can, but once you have access to the image you can just copy it from the browser and email it to anyone... not much different from sharing a URL. So it's not a huge security benefit, especially for the costs involved (as some of the other comments mentioned).