security experts and hackers
found a serious security flaw on Facebook which allowed them to view
private photos on Facebook with a small tweak. Facebook security flawed
in that. Developers started to develop browser scripts which allowed
people to see locked private profile pictures. A locked profile picture
refers to a one which cannot be viewed in theater view or enlarged view.
People even can’t comment on it. This privacy holds good when a person
doesn’t wants to share a high resolution photo what he uploads.
People want to have privacy on their
photos. There are people who keep pictures as their profile picture that
does not contain pictures of them. That may be purely due to privacy of
their own self. But still if they think that they want people to find
them easily, then they should have their own picture as their profile
picture. It is lucky for such people that Facebook provides a privacy
feature to make a profile picture private.
As Facebook have common type of URLs
everywhere for photos, it made me to guess the public URL of the
enlarged URL of the locked profile picture. By changing some parts in
URL, we can view the picture in enlarged form. All you need is to, learn
the structure of two URLs. One is the short 160 x 160 px image which
you will see this on people’s timeline. The other is, the public URL of
the same image which is enlarged. This enlarged image will be in the
full resolution what the profile owner has uploaded.
The below is the structure of an enlarged profile URL.
https://fbcdn-sphotos-f-a.akamaihd.net/hphotos-ak-fb/123456_123456789012345_1234567890_n.jpg
The last part of the profile picture determines some property of your picture. The letter n
which is defined before the extension of the image determines the size
of the picture whether the public URL refers to a thumbnail or full size
image. The n can be replaced with the letter t to view the
thumbnail sized image. Each picture on Facebook is determined by a
unique ID by Facebook. The number 123456789012345 determines the actual fbid of a picture.
When we copy the public URL of the image
i a locked profile picture, the URL will be twisted somewhat like the
one below which contains the size of the image too.
https://fbcdn-profile-a.akamaihd.net/hprofile-ak-prn1/c154.33.412.412/s160x160/12345_123456789012345_1234567890_n.jpg
Facebook has hosted images at Akamai for
making the site to be more faster while loading. If you wonder why
Facebook is so fast that any other site when it contains many elements
on their site, then this will be the answer.
To view a locked private profile picture
on Facebook, you just need to change some elements in the public URL of
the image. Here are the steps to view a locked private profile picture.
Step 1: Go to your
friend’s timeline whose profile picture cannot be enlarged. That is, one
who have kept their Privacy Settings to “Only Me”.
Step 2: Right click on their profile picture and click on Copy image URL.
Step 3: Copy the image URL and paste in a text editor like Notepad.
Step 4: Remove the following part of the URL in the image URL you have copied.
https://fbcdn-profile-a.akamaihd.net/hprofile-ak-prn1/c154.33.412.412/s160x160/
And, replace them with the following:
https://fbcdn-sphotos-b-a.akamaihd.net/hphotos-ak-cryptlife/
Step 5: The last part
of the picture URL will be always the same. Now, just launch the URL
which you have made changes. You will be getting the full size of the
image that is locked or made private.
I don’t know why Facebook should provide a public URL for all pictures but it will be nice if this flaw is fixed.
Share your thoughts here. If you have any comments or queries, please comment below. Do not forget to share this URL.
Leave a Reply