Read more.‘Ethical attack’ posts details of 100m unsecured Facebook accounts on the web.
Read more.‘Ethical attack’ posts details of 100m unsecured Facebook accounts on the web.
My personal view, and it differs from Facebook a bit, is that user data ought to be secure from this type of trawling, unless the user explicitly shares it, rather than semi-secure but partly open, unless the user explicitly secures it all.
However ..... there's been so much hoopla about Facebook and privacy recently, that I have to wonder how many of the people that are net-familiar enough to use Facebook aren't also familiar with the privacy issues?
If you knew of the issues and your data wasn't secured, then you can't really complain if, and when, it gets hoovered up like this.
So how many people are unsecured and didn't realise they were? Dunno.
glad i don't use facebook
I'm just surprised that it's only a thousand users on thepiratebay.org that have downloaded so far.
Very sensationalistic. It may have the desired effect of getting the remaining 20% of Facebook users to close off those security settings. Alternatively it could just penalise those who actually want to use facebook to be found, and create an easy distro list for spammers.
Nice one. Doing this to show proof of concept is fine. Publishing it to the public domain to inspire spammers etc is just not cricket.![]()
It's a bit more than scaremongering. All data should be held securely by default unless explicitly permitted to be shared with unknown 3rd parties by the user in question. If facebook was hosted in the UK it would probably be whacked with a massive fine and shut down under the data protection act until they got their junk sorted out. Even the seemingly innocent 'apps' are private personal data harvesters and every day people have no idea that using them exposes their private data. If this was the only instance then fair enough, but there's a growing number of bogus malware sites that use facebook api features to scrape personal data as well.
Yet another reason why web2.0 should be given the heave-ho.
http://www.fastcompany.com/1675465/s...ebook-profiles
Provides a good explination of what's happened, and I mostly agree with it. It's nothing that people didn't really know about already/could find already, it's just in one place now.
There are alarmists, like "privacy watchdog" Simon Davies, who was interviewed by the BBC and who would like you to think this is an "attack," or that it reveals some flaw in Facebook's security. "Facebook should have anticipated this attack and put measures in place to prevent it," says Davies. Well, no, because it's not an attack, and the whole idea of making something public is that it should be able to be found publicly.
For those worried about a hacker stealing their data--don't be. There was no hack, there is no security risk. If you want your information to be private, make it private. But if it's public, people can and will find it. That's not a flaw. That's a choice.
eshrules (30-07-2010)
Off to piratebay then...
I have a facebook account, but barely use it and have virtually no private data on it, apart from my name, but it's not like I'm the only person with that name. I simply don't understand why people broadcast all their private info so much online, making it non-private.
There are currently 1 users browsing this thread. (0 members and 1 guests)