WSJ Investigation: Facebook Privacy Breach

Forum Moderators: not2easy

Message Too Old, No Replies

WSJ Investigation: Facebook Privacy Breach

engine

9:30 am on Oct 18, 2010 (gmt 0)

WSJ Investigation: Facebook Privacy Breach [online.wsj.com]

Many of the most popular applications, or "apps," on the social-networking site Facebook Inc. have been transmitting identifying information—in effect, providing access to people's names and, in some cases, their friends' names—to dozens of advertising and Internet tracking companies, a Wall Street Journal investigation has found.

The issue affects tens of millions of Facebook app users, including people who set their profiles to Facebook's strictest privacy settings. The practice breaks Facebook's rules, and renews questions about its ability to keep identifiable information about its users' activities secure.

oddsod

3:03 pm on Oct 18, 2010 (gmt 0)

The sad part is that the multitude of lemmings in FB who have no idea about protecting themselves online likely never read WSJ. Millions of them would probably open an exe attachment if it appeared to come from one of their friends (spoofed sender? What's that?)

Worse: some of the folk who have the tech skills often shrug their shoulders, "What have I got to lose? They can take and share whatever they want from my Facebook account, it's not costing me anything"

ByronM

4:56 pm on Oct 18, 2010 (gmt 0)

I wouldn't read the WSJ if they paid me :)

Am i dissapointed with the privacy holes? sure.. does it bother? not so much.. i don't share anything i don't want shared anyway.

I'm curious why people whole heartedly seem to accept running Google adsense and analytics without question for how Google is using the data. I mean, view per view Google knows and will know more than facebook ever could because at least facebook is voluntary. Even if friends of friends got leaked that was a voluntary relationship that people didn't feel the need to hide in the end but with Google, there really is no way to "opt out" of that system since a metric crap ton of webmasters are involved in that ecosystem without any apparent concern.

I as a savy user can disable the tracking/analytics and adsense scripts.. and I as a savy user can manage what i want to share on facebook.

J_RaD

5:42 pm on Oct 18, 2010 (gmt 0)

I too am I savvy user and can manage what I share on facebook.

NOTHING, I don't have a facebook account.

phranque

12:10 am on Oct 19, 2010 (gmt 0)

the "privacy breach" discovered by wsj?

The apps were using a common Web standard, known as a "referer," which passes on the address of the last page viewed when a user clicks on a link. On Facebook and other social-networking sites, referers can expose a user's identity.

wsj also "discovered" and reported the same "privacy breach" in may.

Facebook and MySpace In Ad Data Privacy Loophole:
http://www.webmasterworld.com/community_building/4136483.htm [webmasterworld.com]

Trav

12:12 am on Oct 19, 2010 (gmt 0)

I've completely stripped my FB account of all content, and I'm waiting for their CDN to sync up. I started this process about 3 months ago, and there are still CDN nodes that I can pull my content from, long after FB claims that it's been erased.

But I'll never be able to pull content about me that my friends/associates/whoever post about me, because I won't know. That is the really screwed up part of this: there's now a penalty for NOT participating.

tedster

12:14 am on Oct 19, 2010 (gmt 0)

Well, WSJ is owned by Rupert Murdoch, right? That's not exactly a digital visionary at the helm. IMO, his main game has long been manipulating and perpetuating a state of fear.

jkovar

5:52 am on Oct 19, 2010 (gmt 0)

You know what people who don't do this stuff for a living tell me any time I show them stories like this?

They say, "So what. It's not like I'm Scarface or Osama". It seems like the only people who care, are people who are tracking people themselves.

tangor

6:08 am on Oct 19, 2010 (gmt 0)

What little I do on FB won't hurt me. That said, here's another viewpoint: [theregister.co.uk...]

graeme_p

6:51 am on Oct 19, 2010 (gmt 0)

Do not use untrusted FB apps, and do not click on FB ads.

oddsod

6:57 pm on Oct 19, 2010 (gmt 0)

wsj also "discovered" and reported the same "privacy breach" in may.

Er, it seems like it was the same type of privacy breach. The last time this happened FB said they fixed it.

This is a new breach. And when WSJ informed FB about their findings last week it appears FB scrambled to minimise reputational damage.

Since Friday, users attempting to access those applications received either an error message or were reverted to Facebook's home screen.

Robert Charlton

4:07 am on Oct 20, 2010 (gmt 0)

Do not use untrusted FB apps, and do not click on FB ads.

That kind of shoots their business model all to hell. ;)

Eathan

4:51 pm on Oct 20, 2010 (gmt 0)

NPR had a similar report on Monday. Seems like FB has another privacy issue spring up just about every other week. Add to that all the calls I get from marketing companies claiming to be partnered with FB, with backdoor access to user data, etc, etc, and I don't trust 'em in the least. Bottom line though, I'm still on there, and still trying to use it as a marketing platform.

tedster

8:35 pm on Oct 22, 2010 (gmt 0)

In case it isn't yet clear - this WSJ article was completely bogus. Here's what TechCrunch has to say (read both links).

A few days ago the Wall Street Journal published a series of articles about a supposed Facebook privacy breach. We and others noted that the article was complete rubbish [techcrunch.com].

[techcrunch.com...]

oddsod

4:51 pm on Nov 2, 2010 (gmt 0)

In a different story yesterday, FB uncovers user data sales [bbc.co.uk].