Tag Archives: facebook

Facebook employee reveals information on Facebook privacy issues

1
Posted by Tech Paranoia on January 12, 2010 – 1:00 pm
Filed under Privacy
Tagged as , ,

An anonymous Facebook employee has revealed that all user activity on the site is recorded and stored with as many as six copies of each photo retained.

In an interview on the therumpus.net, the employee answered a question about if everything is saved, whether or not it has been deleted or untagged. He said that was essentially correct, and it was only changing that for performance reasons.

The employee said: “How do you think we know who your best friends are? But that’s public knowledge; we’ve explicitly stated that we record that. If you look in your type-ahead search, and you press ‘A’, or just one letter, a list of your best friends shows up. It’s no longer organised alphabetically, but by the person you interact with most, your ‘best friends’, or at least those whom we have concluded you are best friends with.”

The employee admitted that the change was made ‘sometime in the last three months’, but it stores snapshots, which is basically a picture of all the data on all of the Facebook servers. The employee said that this is done every hour, of every day of every week of every month.

When asked if this is every viewable screen, the employee said: “It is way more than that: it’s every viewable screen, with all the data behind every screen. So when we store your photos, we have six versions of your photos. We don’t store the original: we make six different versions on the photo uploader and upload those six versions.”

These are stored in four data centres around the world – in Santa Clara, San Francisco, New York and London. The employee said that in each of those, there are approximately five to eight thousand servers.

Read more at: SC Magazine UK

Facebook users hacked with direct messages forwarding to suspicious site

0
Posted by Tech Paranoia on January 6, 2010 – 10:00 am
Filed under Privacy
Tagged as ,

Facebook users have reported receiving direct messages which includes a link to a suspicious website.

In what could be the first major Facebook security story of the year, users have reported receiving a message that encourages them to visit the ‘binsservicestore.info’ website after a friend’s recommendation.

According to DomainQuery, the website was created on 15th September 2009, last updated on 29th December 2009 and is due to expire on the 15th September this year. The sponsoring registrar is GoDaddy.com Inc and the administrator and registrant data provide contact details in India.

Rik Ferguson, senior security advisor at Trend Micro, said that binsservicesstore.info lands on a ‘work from home scam page’ that uses geo-ip to look like a local (to you) online newspaper.

Andy Thomas, commercial director of Garlik, warned at the end of December about a scam on Facebook where a user is offered a free £25 iTunes voucher. The scam, which came via an invitation and involves sending the group administrator a message with the user’s name and email address, had around 464,000 respond.

Thomas said: “Some simple maths and logic says this is going to cost someone over £12 million. That is Hooveresque in promotional scale and we all remember what happened to them, the truth is this is a well timed scam that plays on people’s trust of the iTunes brand and love of a bargain (it’s called social engineering).

“The only gift members will get is a nasty surprise in an email (probably the one containing your iTunes ‘gift’) or a permanent place on a phishing attack list sold, much like direct marketeers buy email or physical addresses. If you or a friend joined this list make sure they know what to expect over the next few days, weeks, months.”

Source: SC Magazine UK

Zuckerberg pictures exposed by Facebook privacy roll-back

0
Posted by Tech Paranoia on December 11, 2009 – 11:30 am
Filed under Privacy
Tagged as ,

Illuminating pictures of Facebook chief exec Mark Zuckerberg have been exposed by Facebook’s privacy roll back.

Back in October, the world at large could see only one photo of the Facebook co-founder via the social networking site. Facebook’s controversial privacy shake up this week means that world+dog can now obtain access to a cache of 290 previously private shots featuring Zuckerberg. These pictures were uploaded either by Zuckerberg himself or by people who tagged him in images they posted onto the social networking site.

Gawker – which carries a selection of pictures of Zuckerberg in a story here – describes them as showing him as “shirtless, romantic, clutching a teddy bear, and looking plastered” though not all at the same time, we’d hasten to add.

“We just knew this new system would be a boon to gossips like ourselves,” Gawker enthusiastically reports.

Security watchers and the privacy conscious complained that default setting applied in Facebook’s privacy revamp earlier this week meant that everyone had access to pictures, opinions and personal details uploaded onto the social networking site. Users have to be proactive about limiting access to their accounts because the default setting pushes Facebook users towards sharing more information.

Source: The Register

Facebook comes under heavy criticism after it changes policy on privacy controls

0
Posted by Tech Paranoia on December 10, 2009 – 12:00 pm
Filed under Privacy
Tagged as , ,

Facebook has come under heavy criticism over privacy settings after users were warned about changes to the controls on its homepage.

The message tells users of the social networking site ‘we’re making some changes to give you more control of your information and help you stay connected. We’ve simplified the Privacy page and added the ability to set privacy on everything you share, from status updates to photos.

“At the same time, we’re helping everyone find and connect with each other by keeping some information – like your name and profile picture – publicly available.” A guide is then offered to help the user control their privacy settings.

However criticism has been made on the language used in the guide, while users have hit out at the removal of the right to display profiles to certain friends. One user said: “I could previously customise my friends list visibility – not only as to make it not visible to non friends- but I could choose which one of my friends could not view it. With [these] new privacy settings I cannot, it’s either everyone can see it or no one. This way you have restricted my range of choice…everyone’s range of choice actually!”

Many other users hit out at the rights of everyone being able to see a user’s friends list, with many users commenting that they wanted the settings restored. One user said: “Seriously. You don’t just go and remove privacy from 350 million users. Seriously, Facebook. Who the hell do you think you are? If hackers made everyone’s profile pictures public there would be an uproar.”

Source: SC Magazine UK

Facebook users at risk of “rubber duck” identity attack

0
Posted by Tech Paranoia on December 8, 2009 – 3:00 pm
Filed under Privacy
Tagged as , ,

IT security and data protection firm Sophos has today released the results of its latest probe into how easy it is to steal identities via Facebook.

Sophos created two fictitious users with names based on anagrams of the words “false identity” and “stolen identity”. 21-year-old “Daisy Felettin” was represented by a picture of a toy rubber duck bought at a $2 shop; 56-year-old “Dinette Stonily” posted a profile picture of two cats lying on a rug. Each sent out 100 friend requests to randomly-chosen Facebook users in their age-group.

Within two weeks, a total of 95 strangers chose to become friends with Daisy or Dinette – an even higher response rate then when Sophos first performed the experiment two years ago with a plastic frog. Worse still, in the latest study, eight Facebookers befriended Dinette without even being asked.

“We assumed things would be better in 2009 but the situation is worse. This really is a wake-up call,” said Paul Ducklin, Head of Technology, Asia Pacific at Sophos in Sydney who conducted the study. “Our honeymoon period with social networking sites ought to be over by now – but many users still have a ‘couldn’t care less’ attitude to their personal data.”

89% of the 20-somethings and 57% of the 50-somethings who befriended Daisy and Dinette also gave away their full-date-of-birth. Nearly all the others suppressed their year of birth, but this is often easy to calculate or to guess from other information given out. Even worse, just under half of the 20-ish crowd, and just under a third of the 50-ish crowd, gave away personal information about their friends and family.

“People aren’t just handing over their own life story to criminals,” warned Ducklin. “They’re betraying people close to them, too, by helping those cybercrooks build up a detailed picture of their life and their milieu. This is an identity scammer’s dream.”

Full article and video at Sophos

Become a fan of Tech Paranoia on Facebook!

0
Posted by Tech Paranoia on December 4, 2009 – 3:08 pm
Filed under Tech Paranoia
Tagged as

A fan page for Tech Paranoia has been set up on Facebook!

Check it out!

Tech Paranoia Fan Page