Welcome to WebmasterWorld Guest from 54.80.185.137

Forum Moderators: not2easy

Featured Home Page Discussion

Facebook Launches Data Abuse Bounty

     
4:38 pm on Apr 10, 2018 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

joined:May 9, 2000
posts:25199
votes: 685


Facebook has announced a Data Abuse Bounty aimed at rewarding people who report any abuse of data by developers of apps. This is an extension of the bug bounty program.

Scope
To be eligible for a reward the situation must involve

  • More than 10,000 Facebook users.
  • Definitive abuse of data. Not just collection.
  • A case we were not already aware of or actively investigating.

    Explicitly out of scope scenarios:

  • Scraping.
  • Malware or mass-scale tricking of users to install apps.
  • Scenarios where social engineering is a major component.
  • Non-Facebook cases (ex: Instagram).


  • [facebook.com...]
    [newsroom.fb.com...]

    Earlier stories
    Facebook to Alert Users Impacted by Cambridge Analytica Scandal [webmasterworld.com]
    Facebook Adds Bulk Removal Tool [webmasterworld.com]
    6:24 pm on Apr 10, 2018 (gmt 0)

    Senior Member from US 

    WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

    joined:Nov 29, 2005
    posts:8112
    votes: 594


    Crowd-sourcing the job, yet again. Fixes by popular report. Building an elephant when a mouse would do... Other social structures might called snitching. :)

    HOWEVER, if somebody does come up with something NEW in data misuse, that would be big.
    7:40 pm on Apr 10, 2018 (gmt 0)

    Senior Member

    WebmasterWorld Senior Member Top Contributors Of The Month

    joined:Feb 3, 2014
    posts:1156
    votes: 274


    A case we were not already aware of or actively investigating.

    So they are actually going to admit something got past them? LOL
    3:10 am on Apr 11, 2018 (gmt 0)

    Moderator from US 

    WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

    joined:Sept 26, 2001
    posts:11112
    votes: 662


    In the several times FB has been under pressure from the US gov't, this is the first time FB hasn't pushed back forcefully against any mention of regulation.

    In fact, MZ now seems passive about the many suggestions of privacy guidelines, even to say he thought the EU did it right when asked if he would consider following EU privacy standards.

    Sounds like this may be the lessor of two fates he sees himself in; the other being the threat of an anti-trust breakup.
    3:47 am on Apr 11, 2018 (gmt 0)

    Senior Member from US 

    WebmasterWorld Senior Member tangor is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

    joined:Nov 29, 2005
    posts:8112
    votes: 594


    During questioning before congress today MZ was asked the all important questions regarding liberal bias, filtering conservatives, user privacy and "are you a platform or a publisher?" None of his responses were particularly satisfying. I think the last part with the scary word "publisher" is the one that bothers him (or should!) the most. Losing the protection of Section 230 of the Computer Decency Act would radically change how FB operates, and what can or cannot be done.
    4:00 am on Apr 11, 2018 (gmt 0)

    Senior Member

    WebmasterWorld Senior Member Top Contributors Of The Month

    joined:Apr 1, 2016
    posts:1776
    votes: 458


    even to say he thought the EU did it right when asked if he would consider following EU privacy standards.

    That is not what he said.
    He was asked what he thought about the EU regulations. He answered
    "I think that they get things right"
    Which I understood as a diplomatic way of saying most of the regulation is horrible, but some things are right. Judging by the chuckles in the room, I don't think my view is far off.
    Here is a link to the video, go to 1h46min
    [youtube.com...]
    4:09 am on Apr 11, 2018 (gmt 0)

    Moderator from US 

    WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

    joined:Sept 26, 2001
    posts:11112
    votes: 662


    That is not what he said.
    I don't see any quotes... obviously it is me that is posting, not him. You'll know it when I quote someone, since you'll see these things " ".
    8:22 am on Apr 11, 2018 (gmt 0)

    Administrator from GB 

    WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

    joined:May 9, 2000
    posts:25199
    votes: 685


    Back on topic.

    The bounty is a good thing, imho, because it'll help find rogues that don't follow any rules.
    8:31 am on Apr 11, 2018 (gmt 0)

    Moderator from US 

    WebmasterWorld Administrator keyplyr is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

    joined:Sept 26, 2001
    posts:11112
    votes: 662


    The bounty is a good thing
    Maybe, we'll see if that ends up affecting anything or not.

    However, I'm getting the impression the internet is slowly turning into an informant based reward system.

    With the EU's upcoming GDPR that includes a utility to report violations, to the new revelation of MZ to put the burden on FB users to report wrongdoing, how did this end up *our* responsibility when it is clearly the work of these tech companies and their business models.
    8:50 am on Apr 11, 2018 (gmt 0)

    Senior Member from GB 

    WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month

    joined:Aug 11, 2008
    posts:1587
    votes: 210


    With respect, its the organisations' job to not screw up in the first place.

    I'd rather crowdsource violations of this obligation than leave it up to the organisation to first detect, then resolve and disclose.

    Cynically, FB's bounty just means whistleblowing will be kept in-house, and therefore without media furore. Which is ideal for them, no?
    1:06 pm on Apr 11, 2018 (gmt 0)

    Senior Member

    WebmasterWorld Senior Member Top Contributors Of The Month

    joined:Feb 3, 2014
    posts:1156
    votes: 274


    What's the need for a bounty system when AI is running the show?
    Sounds like mere lip service as was most of his testimony yesterday.
    I seriously doubt they'll pay out a penny, but please post if they do and it's documented.
    2:39 pm on Apr 11, 2018 (gmt 0)

    Senior Member

    WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

    joined:Dec 27, 2004
    posts:1949
    votes: 60


    Watching the "Grilling of a SugarMountain" show now(con'gress show on TV).

    All he does pretty much is explaining to the good'ol falk how to use the App! .... and it seems they just don't get it.

    Oy, i've been there...
    3:58 pm on Apr 11, 2018 (gmt 0)

    Senior Member

    WebmasterWorld Senior Member Top Contributors Of The Month

    joined:Feb 3, 2014
    posts:1156
    votes: 274


    Until watching and listening to boy wonder's robotic responses on TV the past twos days, I never realized that his doppelganger is Commander Data from StarTrek The Next Generation. Anyone one else get that? Wondering to myself if he's actually human. [bit.ly...]
    8:25 pm on Apr 11, 2018 (gmt 0)

    Senior Member

    WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

    joined:Dec 27, 2004
    posts:1949
    votes: 60


    I actually made a bet 1 day before FB went Public with 2 fellow Programmers... The bet was that eventually their dataset will be either hacked or leaked from within.

    The Bet was for full scale lunch at Sophie's Cuban Cuisine downtown NYC, for 6 people.

    Chicken! Lots of Chicken! Kudacth Tacth Tacth!