When is a hack not a hack? With all the brouhaha over privacy lately, no doubt Facebook users would be disturbed to know that their details might have surfaced on an internet file sharing site.
According to British site Thinq, the directory was compiled by hacker Ron Bowes of Skull Security using a web crawler program. The 2.8GB torrent reportedly contains 171 million entries, relating to 100 million individual users. Facebook claims a total user base of 500 million.
The file contains user account names and a URL for each user’s profile page, which could contain details such as addresses, dates of birth or phone numbers.
The problem is that Bowes didn’t have to use his hacking skills to break into the Facebook site to compile his directory - he simply harvested publicly available data from Facebook’s open access directory. The affected users all have one thing in common - they hadn’t changed their privacy settings to make their pages unavailable to search engines. However, visiting an user’s profile from this directory would also allow you to click through to their friends’ profiles, even if the friends had not made their profiles searchable.
Privacy has been a big issue for Facebook in the past, though the debate has quietened down since the last big tranche of privacy setting changes in May. The latest news is sure to raise the question about whether the default settings should be more protective of user data.
I have railed from the beginning about people having personally identifiable information available on their public walls, especially dates of birth, which is often the first and most important piece of information a data thief can pull to steal your identity.
Don’t think identity theft could be a problem? Try getting your life and credit rating BACK after identity theft.
Please, people, I beg of you! Change the security settings for your date of birth to “only me”!
In other news, you can now type anyone’s name into Google and get their Facebook URL *gasp*.
“However, visiting an user’s profile from this directory would also allow you to click through to their friends’ profiles, even if the friends had not made their profiles searchable.”
Curious, so if I clicked a friend from a public profile I can see the friends stuff? I don’t think so IF the friend being clicked on has privacy settings set properly. I’m not sure I understand the claim in that sentence.
If you want an alternative to FB for sharing your most private information online, give ThreadThat.com a try. Nothing you share will ever show up in search engine results. This site is new and it’s free. It can’t help you find your “friends”, but it will help you keep the ones you have by respecting their privacy as well.
Most people have a lot to learn. You do not talk to a stranger in the street or carry a tag on you saying; “hey Iam… And my birth date is…” Why they do in FB?
@Eric Clearly, any information on the friend’s profile page would still be subject to the usual privacy settings. However, since the friend’s profile is not normally findable through a search engine, this directory makes it much easier to find.
There is a new social networking experience coming this fall. It’s called somethingcoolhappened.com. You can go there now to view a preview video and to preregister. With this site you can interact with friends, create your own unique avatars, upload videos, pictures or stories of something cool that happened to you or someone else! You also get full anonymity. It is going to be awesome! Check it out.
Think of this site as more like a combination of YouTube, Flickr, Facebook and then something totally brand new. With this site you will get your anonymity back, no more personal information floating around being sold off and you will get to be creative, compete with other people if you wish and just have fun in a great positive atmosphere.
>The 2.8GB torrent reportedly contains 171 million entries,
>relating to 100 million individual users. Facebook claims a
>total user base of 500 million.
Interesting. Am I wrong or can we get the ratio of real accounts on FB ? It would lead to nearly 300m individual users.
want to join facebook with security ….