Slashdot Mirror

I agree. It looks quite cool but when something tries to be all things to all men, it normally fail in some areas.

Sean J Connolly
Visit My Blog
Find me on FaceBook

The Subject of this post is the name of a Facebook group with over 2,000 members. Its URL is http://www.facebook.com/group.php?gid=2204720375. CO2 sequestration is a stupid idea.

I have been writing web apps since 1993 and have used C/C++, java, perl, python, ruby, and even lisp and honestly I have yet to encounter a script language that can handle high load environments.

Have you tried PHP? I hear it runs several high load websites ;-)

Not only are some of these apps extremely annoying, including advertisements next to games and etc, its now very common for them to use incentives (eg extra levels or whatever) to get people to invite all their friends to the application. facebook's devs addressed it in a blog post but it remains a problem. the whole system looked bad from the start, so i personally reject all applications that aren't facebook related. even so, its to the point now where i'm thinking of shutting down my account.

The author forgets to mention that the website of the research group, which you think might be somewhat relevant. I'm a student at Bath. I'm not connected with the research, but I have attended (highly secret) public seminars where they talk about their work, and it isn't evil or secret or somehow going to lead to the end of humanity as we know it. They are a group of computer scientists with vague, fluffy ideas about how they can understand people by logging bluetooth device interactions. The network of sensors is rubbish. I have a bluetooth phone which I have registered with the associated facebook application... In the few weeks I have been registered I have been spotted associating with two other bluetooth devices... neither of which I know the owner of. Although I'm commenting on Slashdot, I have believe it or not, associated with more than two people in the last 3 weeks!

Block Beacon from ever being accessed by your Web browser.

The sites are:
http://.facebook.com/beacon/*
http://facebook.com/beacon/*

Block Beacon from ever being accessed by your Web browser.

The sites are:
http://.facebook.com/beacon/*
http://facebook.com/beacon/*

Well, luckily for you, if you're Abrahamo Lincolni, you're the only one.

http://www.facebook.com/srch.php?nm=Abrahamo+lincolni

They should have no trouble tracking you.

Someone is starting one of those 1,000,000 strong facebook groups to direct traffic to it too, should help speed things along if everyone adds all their friends.

http://www.facebook.com/group.php?gid=23872638056

The article says that he is charged with "running an online study group on Facebook"; if that is true, then by extension Ryerson should outlaw any form of study group, because it's just as easy to share answers when you're meeting with others in the library or talking about it at a party with an upperclassman who took the class three years ago. If they are charging him with "posting answers on Facebook," or even "soliciting answers on Facebook," that would be more understandably punishable.

As a college prof, I can attest to the fact that catching plagiarism is necessary and one of the few crappy aspects of my job. There is a fine line between someone (tutor, friend, Facebook buddy, etc.) helping the student and giving him/her the answers, but the line is there nonetheless. It's impossible and inappropriate to police the students every minute; I've seen other profs burn themselves out with the paranoia that there are cheaters out there and they must catch every last one of them.

The answer, in my mind, is to make the students want to learn the material: make the lectures interesting and informative, show them why the information is important for them to know in the long-term, give tests which require the assimilation of the material and not just memorization of the answers. If a student in my class is cheating, I take some responsibility for it.

And maintaining an active Facebook account doesn't hurt...

is: http://www.facebook.com/group.php?gid=2257397452

I for one, have decided to join it.

I've recently taken a job at a primarily Java shop. After seeing XML used and abused for ant, maven and various other things I've grown even more disenchanted with it. And now I've also gotten the chance to see that not only does Java represent a poor trade off between the annoyances of a strongly typed language and the speed of a dynamic interpreted one, it has a horrible mess of dependency issues that nobody really solves besides.

I'm much more hopeful about technologies like Thrift and/or D-Bus than I ever was about such abysmal abominations as SOAP, or the only slightly better XML-RPC.

The Java XML world seems like this little closed ecology of mutual masturbators who all come up with more Java and XML 'solutions' to problems that never existed before they started using Java and XML.

I see the value of XML for long-lived documents that don't spend a lot of their life on the wire. And possibly for config files, though IMHO it is too ugly and unreadable for those. But as a general tool for Internet plumbing it's awful.

When you post User Content to the Site, you authorize and direct us to make such copies thereof as we deem necessary in order to facilitate the posting and storage of the User Content on the Site. By posting User Content to any part of the Site, you automatically grant, and you represent and warrant that you have the right to grant, to the Company an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to use, copy, publicly perform, publicly display, reformat, translate, excerpt (in whole or in part) and distribute such User Content for any purpose, commercial, advertising, or otherwise, on or in connection with the Site or the promotion thereof, to prepare derivative works of, or incorporate into other works, such User Content, and to grant and authorize sublicenses of the foregoing. You may remove your User Content from the Site at any time. If you choose to remove your User Content, the license granted above will automatically expire, however you acknowledge that the Company may retain archived copies of your User Content. Facebook does not assert any ownership over your User Content; rather, as between us and you, subject to the rights granted to us in these Terms, you retain full ownership of all of your User Content and any intellectual property rights or other proprietary rights associated with your User Content.

Is SOM/DSOM really that unique?
Rather than trying to resurrect a 10 year old source base, and to re-create a community around it, would it not be preferable to join an existing, related, project, and expand/improve it in order to cover SOM's unique features?

SOM/DSOM being 10 years old, I suspect that its support for Java, Python, PHP, and Ruby isn't very mature (ahem).

For instance, I have heard good things about this multi-language interface library (open-source project lead by facebook):
      http://developers.facebook.com/thrift/
Would someone know how it compares to SOM/DSOM ?

http://www.facebook.com/photo_search.php

Click on each photo for larger version, then click on the words "remove tag" next to your name beneath the photo. (I believe this also prevents anyone from re-tagging the photo.)

Unfortunately, there doesn't seem to be any way to opt out completely. (Although it occurs to me that disabling searches for your account may disable tagging as well, since the tagging feature performs an implicit search on the name. Worth an experiment.)

Serious question, but could you tell me how I can stop sharing, say, my demographic with, say, Scrabulous?

Where does it say what information is being shared?

Serious question, but could you tell me how I can stop sharing, say, my demographic with, say, Scrabulous?

Where does it say what information is being shared?

Serious question, but could you tell me how I can stop sharing, say, my demographic with, say, Scrabulous?

Where does it say what information is being shared?

Serious question, but could you tell me how I can stop sharing, say, my demographic with, say, Scrabulous?

Where does it say what information is being shared?

Serious question, but could you tell me how I can stop sharing, say, my demographic with, say, Scrabulous?

Where does it say what information is being shared?

Serious question, but could you tell me how I can stop sharing, say, my demographic with, say, Scrabulous?

Where does it say what information is being shared?

I'm a newbie Facebook app developer.

Here's the info I can see for any user that adds my app and clicks the box:

          uid*, first_name, last_name, name*, pic_small, pic_big, pic_square, pic, affiliations, profile_update_time, timezone, religion, birthday, sex, hometown_location, meeting_sex, meeting_for, relationship_status, significant_other_id, political, current_location, activities, interests, is_app_user, music, tv, movies, books, quotes, about_me, hs_info, education_history, work_history, notes_count, wall_count, status, has_added_app

(More info on the already-linked http://developers.facebook.com/documentation.php?doc=fql )

To me this seems like way, way too much. I haven't told our marketing people we can get all this.

Yes, technically Scrabble has access to the religion of its users. Yes, it could be storing this.

However if they do so for longer than 24 hours (for caching), show it to anyone unless the Facebook user requested it and a few other things they're breaking their agreement with Facebook, so any application caught doing so could be kicked off of Facebook.

(Of course spotting applications doing so could be rather tricky...)

Dude, what is so hard here? It is an API. Do people typically customize an API for every user (as in application using the API) to limit the available calls only to what is needed? It is an interface. The data available in said interface is CLEARLY DOCUMENTED. Yes, technically Scrabble has access to the religion of its users. Yes, it could be storing this.

Seriously, what is confusing here? You have to agree when you add an application that it will be able to access your profile data. When you say 'yes, allow this', why would you be surprised that the application is then allowed to do what you just allowed?

http://developers.facebook.com/documentation.php?doc=fql

Well put. We must run under the assumptions that whatever information we provide to websites will not remain confidential, privileged, private or otherwise secure. Sites have privacy policies for a reason, yet some users seem to get upset when something clearly outlined in the policy comes to light. I, on my part, read the FaceBook applications privacy policy and never had any hopes that my information would be secure.

(i) any information provided by you and visible to you on the Facebook Site, excluding any of your Contact Information, and

(ii) the user ID associated with your Facebook Site profile.

Michal Geist started the Fair Copyright for Canada Facebook group a few months ago, and it now has almost 40,000 members. Check it out, if you're Canadian and use Facebook.

1. register as an individual, against the site TOS

I can use my personal account on a forum to do research on behalf of my employer -- and I routinely do. Have I done something wrong? Of course not. Many employers will pay for their employees to have their own, individual accounts on forums and websites relevant to their work.

2. on a social networking site where a school has NOTHING to do whatsoever in the first place

When I searched for "Douglas College" on Youtube, 19 out of the 20 of the results on the first page were about my school. I didn't bother to check the second page, so there are almost certainly a lot more. If I were in a University administrator, I'd be a bit curious about them, and I'd be doing nothing wrong if I checked them out.

When I search for "Douglas College" on Facebook, I got three students (including my most recent ex), an employee, an application that allows the user to search the school's library, three groups, and an event... all just on the first page of results. Are you honestly stupid enough to believe that University administrators are morally obligated to remain ignorant of all of that?!

so as to check on students to see what they're writing about thewselves

Which they should treat as feedback, not possible tarnishing of their image.

As for Uni a business - this has got to stop.

The University System of Georgia Board of Regents is meeting on Wednesday and Thursday. After backing out of a hearing procedure which they established to give an opportunity for due process, we filled a civil rights and discrimination lawsuit in Federal court.

It may be more effective to contact the Board of Regents at this point.

Office of the Chancellor
Board of Regents of the University System of Georgia
Suite 7025
270 Washington Street, SW
Atlanta, GA 30334
office: (404) 656-2202
fax: (404) 657-6979
email: chancellor@usg.edu

http://www.usg.edu/contact/
http://www.usg.edu/regents/members/

Join my Facebook group @ http://kennesaw.facebook.com/group.php?gid=6371166090

The story about the lawsuit has been heard across Georgia. Newspapers from Valdosta, Augusta, and Athens are reporting on the case. It's been discussed on television, radio, and Internet blogs. Prominent education journal "Inside Higher Ed" featured it on their front page.

http://mashable.com/2008/01/13/facebook-users-photo-led-to-expulsion-from-university/
http://www.splc.org/newsflash.asp?id=1664
http://www.courthousenews.com/2008/01/10/Valdosta_State_Student_Says_Facebook_Opinion_Resulted_in_Expulsion_From_School.htm
http://www.onlineathens.com/stories/011208/news_20080112030.shtml
http://www.valdostadailytimes.com/local/local_story_011142725.html
http://www.thefire.org/index.php/article/8794.html
http://www.thefire.org/index.php/article/8796.html
http://www.walb.com/Global/story.asp?S=7612384

The University System of Georgia Board of Regents is meeting on Wednesday and Thursday. After backing out of a hearing procedure which they established to give an opportunity for due process, we filled a civil rights and discrimination lawsuit in Federal court. It may be more effective to contact the Board of Regents at this point. Office of the Chancellor Board of Regents of the University System of Georgia Suite 7025 270 Washington Street, SW Atlanta, GA 30334 office: (404) 656-2202 fax: (404) 657-6979 email: chancellor@usg.edu http://www.usg.edu/contact/ http://www.usg.edu/regents/members/ Join my Facebook group @ http://kennesaw.facebook.com/group.php?gid=6371166090 The story about the lawsuit has been heard across Georgia. Newspapers from Valdosta, Augusta, and Athens are reporting on the case. It's been discussed on television, radio, and Internet blogs. Prominent education journal "Inside Higher Ed" featured it on their front page. http://mashable.com/2008/01/13/facebook-users-photo-led-to-expulsion-from-university/ http://www.splc.org/newsflash.asp?id=1664 http://www.courthousenews.com/2008/01/10/Valdosta_State_Student_Says_Facebook_Opinion_Resulted_in_Expulsion_From_School.htm http://www.onlineathens.com/stories/011208/news_20080112030.shtml http://www.valdostadailytimes.com/local/local_story_011142725.html http://www.thefire.org/index.php/article/8794.html http://www.thefire.org/index.php/article/8796.html http://www.walb.com/Global/story.asp?S=7612384

Photos on Facebook can be made publicly accessible, even if the profile is private. Ta-da.

The Profile Hug application embeds an iframe in its request notification that sometimes (but not always) redirects the user to an external site that then shows facebook in an iframe along with advertisements. Facebook has yet to do anything about this app (though I have notified them).

For those who don't know how Facebook works, basically when one person installs an app, the app will pester them to request their friends also install it. A friend of mine installed it, which sent me a request that appears on a very long list of other such requests I've ignored. When I view my requests page, there is now a (sometimes) malicious iframe that will hijack my browser window, even though I have not installed any app.

I did something similar. I wrote a tool, Rolodexterous, that makes Facebook into a read/write contact manager: use the info FB has or add your own. Export it if you like, dhare it w/ friends based on your social graph, etc. Visually it is like Excel embedded into FB.

Facebook allows you to import your friends from Gmail, Yahoo, and the like, but Facebook's terms of service forbid you from using similar tools to export your Facebook friends to another website. If you try to use software to do this, Facebook may deactivate your account. We must demand that Facebook allow us to use tools to take the data gleaned from our social connections that we've entered here and, with our friends consent, export it however and wherever we wish. If you agree and are on Facebook, join this group to send them a message and spread awareness. For more on the issue, visit http://dataportability.org/ and http://opensocialweb.org/

Actually, what you just described is only partly right.
Facebook has a privacy statement at http://www.facebook.com/policy.php which includes the following:


Profile information you submit to Facebook will be available to users of Facebook who belong to at least one of the networks you allow to access the information through your privacy settings (e.g., school, geography, friends of friends). Your name, network names, and profile picture thumbnail will be available in search results across the Facebook network and those limited pieces of information may be made available to third party search engines. This is primarily so your friends can find you and send a friend request. People who see your name in searches, however, will not be able to access your profile information unless they have a relationship to you (friend, friend of friend, member of your networks, etc.) that allows such access based on your privacy settings.

and this:

Facebook may use information in your profile without identifying you as an individual to third parties. We do this for purposes such as aggregating how many people in a network like a band or movie and personalizing advertisements and promotions so that we can provide you Facebook. We believe this benefits you. You can know more about the world around you and, where there are advertisements, they're more likely to be interesting to you. For example, if you put a favorite movie in your profile, we might serve you an advertisement highlighting a screening of a similar one in your town. But we don't tell the movie company who you are.

and this:

We do not provide contact information to third party marketers without your permission. We share your information with third parties only in limited circumstances where we believe such sharing is 1) reasonably necessary to offer the service, 2) legally required or, 3) permitted by you.

(my emphasis in all cases)

So, yes, Facebook can make a profit from your data; but NO , they can't sell your personal information, such as your email address or telephone number, to anybody. Terms and Conditions are legally binding on both parties.

The policy is governed by the laws of the US; I'm not sure what privacy protection that offers. Here in Australia, we have a privacy act which grants 'ownership' of information to the person who supplied it. You can't use information, even within the one organisation, for any purpose for which it was not specifically collected. In the situation at hand, your information belongs to you, and your friends' contact details belong to each of them. Facebook owns none of it. The legal issue, then, is a breach of the Terms and Conditions of use by doing something expressly forbidden in those terms (using a script) to do something legal and permissable (copy one's own contacts' data in line with the purpose for which the information was supplied [by the contact to the other user]... i.e., staying in contact). Had a user been using a script to grab information from people who weren't his/her contact and/or for other purposes (e.g., selling to a marketing company), now that would have been illegal. Unfortunately, it seems Facebook is worried they could get sued for facilitating these breaches of privacy.

My guess is that Facebook sees users using scripts for screen scraping as a risk; what's interesting is that they must do similar things to grab email addresses from webmail accounts such as gmail, and this leaves them with something of a double standard.

Too late? That would mean that people are brand loyal. They aren't.

its run on their (facebooks) servers, blockbuster then passes your cookie info to them (as the browser security model forbids facebook from accessing your blockbuster cookie)

here is the code that is embedded on the blockbuster site
http://www.facebook.com/beacon/beacon.js.php?source=5128113678

it can be blocked by the Firefox extension Adblock+ and adding the rule

*facebook*beacon*
or to stop other trackers as well (as the word beacon is a common tracking terminology)
*beacon*

regards
A

Third-party applications run on third-party servers. They have access to most of your profile information, but aren't allowed to save all but the most basic pieces (user id, network id, etc.) because of the Terms of Service. They aren't supposed to store your friends, even. However, any info that you enter in the app is fair game. For example, if you enter the books you've read in this app, they can store that information.

The question is, do you trust these 3rd party apps to not store your personal info from your profile?

For reference, halfway down this page is a decent list of profile information available to developers.

Third-party applications run on third-party servers. They have access to most of your profile information, but aren't allowed to save all but the most basic pieces (user id, network id, etc.) because of the Terms of Service. They aren't supposed to store your friends, even. However, any info that you enter in the app is fair game. For example, if you enter the books you've read in this app, they can store that information.

The question is, do you trust these 3rd party apps to not store your personal info from your profile?

For reference, halfway down this page is a decent list of profile information available to developers.

I wrote BBOnline about this, and this was the reply they gave me:

Thanks for contacting Blockbuster Online Customer Care.

I'm very sorry for any inconvenience this may have caused. When you log in to your BLOCKBUSTER Online account, the site uses "cookies" to determine if you have ever visited Facebook.com. (Cookies: a collection of information, usually including a username and the current date and time, stored on the local computer of a person using the Internet. It is used by websites to identify users who have previously registered or visited the site.)

If cookies detect that you have a Facebook account, regardless of whether or not you have installed the Movie Clique(TM) application, then activities on blockbuster.com such as rating movies or adding movies to your Queue will be sent as notifications to your mini-feed and friends' profiles. You will see a "toast" for each action resulting in a notification. If you want to permanently disable the Facebook integration on blockbuster.com, you can easily change these settings on Facebook by clicking on Privacy Settings for External Websites. Under "Allow these websites to send stories to my profile" for Blockbuster, click "Never" and Save.

You may see a pop-up on blockbuster.com which introduces Movie Clique(TM) encourages you to link your BLOCKBUSTER Online® account to your Facebook profile. If you don't want to see the screen pop anymore, click the "Do Not Show This Again" box and click Save. I hope this information helps, feel free to contact me anytime.

So basically, they snag your facebook cookie, then they add your rental info on your account without asking permission, forcing itself on your account, and announcing away. It's up to you to then uninstall that shit.

BBOnline: See you in court!

People can still join the fight, from abroad, by joining the Facebook group to pad our numbers for the next round.

True fact: look at the source. Even at http://facebook.com/ it logs you securely in via SSL.

Well, for one, Brawndo has twice as much caffeine as a cup of brewed coffee, and #2, it uses dextrose, not high fructose corn syrup.

As older siblings have mentioned, the login form data is in fact posted to https://login.facebook.com/login.php .
However, since the login form is presented to you in the clear, you are still prone to a man in the middle attack - someone could intercept the login form and replace action="https://login.facebook.com/login.php" with action="http://bad.website.example/submit".

Does this strategy protect the Facebook users' data from being seen by non-Facebook users at the Facebook API level? By this, I mean that Joe Internet User cannot see my data on the Facebook application, and that Facebook is held liable for this, not the application developer? If this cannot be guaranteed, it looks like I might be removing most of my applications, no matter how useful they may be. I trust Facebook a whole lot more than I trust individual people.

Of course, we're concerned about our users' privacy, and so the only user-specific data available on public canvas pages will be first name and profile picture (and then only if the user's profile picture is already publicly searchable). But you, the application developer, need not worry; FBML tags will automatically handle privacy rules for you.

1. I write code to do my normal FB app, as if it's logged in.
2. Someone accesses my canvas page from outside of Facebook.
3. Any reference to personal data on the page is scrubbed out, except for a) first name and b) profile picture*

<form method="post" name="loginform" action="https://login.facebook.com/login.php" ...

<form method="post" name="loginform" action="https://login.facebook.com/login.php" ...

You can find a list of the main actors, plus contact information for members of Parliament and news organizations here (scroll down).

The most important person to contact is your MP. I've heard it's better to get him or her to forward your letter to the minister responsible (Jim Prentice) than it is to send it to Prentice directly. Doing both can't hurt. Paper mail and faxes are the best, though phone calls are good too. Don't forget to contact newspapers big and small. In all cases, be polite and to the point.

You can find your MP's contact information by typing in your postal code here.

If you need sample letters, check out the Facebook group's list. My non-technical explanation of why this is a terrible law is here. I'll quote it in a reply to this post.