A recently found Facebook bug lets you post un-deletable messages to friends’ walls.
Here’s how it works: Once you’ve blocked a person on Facebook, he or she can no longer see content you’ve posted on the social network, including posts you’ve made to their own wall. Since the content is no longer visible, it can’t be deleted. The only way either party can see the post again is if the block is removed.
In a way, Facebook lets you know that’s going to happen when you block someone in the first place: “Blocking means you won’t be able to see or contact each other on Facebook,” reads a message that pops up when you decide to block someone (see screenshot below). However, it’s a one-sided agreement: The person being blocked isn’t notified, and all of the content you’ve previously posted on their wall remains intact but invisible to both of you.
To test the theory, I posted a photo of a Spy Cat on Mashable Editor Todd Wasserman’s wall. He was able to see the message when I posted it. Then I blocked him a few minutes later. The image was no longer visible to either of us, but was visible to Christina Warren, who remained Todd’s unblocked Facebook friend.
Since you can’t remove what you can’t see, Todd could have potentially never realized I posted the photo in the first place, although it would still be visible to his entire friend base for eternity. He also wouldn’t be able to delete the post from his wall, nor will I unless I decide to unblock him on the site.
While our cat experiment is harmless, the vulnerability could be exploited maliciously by someone using a photo a bit more risqué than a cat looking through some window blinds.