Slashdot Mirror


Facebook App Exposes Abject Insecurity

ewhac writes "Back in June, the American Civil Liberties Union published an article describing Facebook's complete lack of meaningful security on your and your friends' information. The article went virtually unnoticed. Now, a developer has written a Facebook 'Quiz' based on the original article that graphically illustrates all the information a Facebook app can get its grubby little hands on by recursively sweeping through your friends list, pulling all their info and posts, and showing it to you. What's more, apps can get at your information even if you never run the app yourself. Facebook apps run with the access privileges of the user running it, so anything your friend can see, the app they're running can see, too. It is unclear whether the developer of the Facebook app did so 'officially' for the ACLU."

205 comments

  1. Really? by Jurily · · Score: 4, Insightful

    Public information is public. News at 11.

    1. Re:Really? by automag · · Score: 5, Informative

      The problem isn't so much that public information is public, it's that Facebook represents itself as secure and private to its users and then leaves the barn door open for developers, betraying that trust. Should Facebook users be more cautious? Absolutely. But most Facebook users are sheep-le who won't give a second thought to this kind of thing. If someone wants to leave their own information open and public that's one thing, but when they leave their entire network of 'Facebook friends' information public by proxy (even if their friend has done everything 'right' in terms of securing their information) that's where the real problem lies.

      --
      ---As my daddy used to tell me: "You gotta be smart before you can be a smartass."
    2. Re:Really? by Jurily · · Score: 4, Insightful

      but when they leave their entire network of 'Facebook friends' information public by proxy (even if their friend has done everything 'right' in terms of securing their information) that's where the real problem lies.

      You're assuming that all these people only have 'friends' they actually know and trust.

      If you put it up for others to see it, others will see it. It's that simple.

    3. Re:Really? by automag · · Score: 4, Insightful

      You're assuming that all these people only have 'friends' they actually know and trust.

      If you put it up for others to see it, others will see it. It's that simple.

      No, actually whether a user has friends they 'know and trust' is completely moot. On Facebook someone can have their information handed over to a 3rd party developer by anyone in their network, whether they're someone trusted or not. "A strange game. The only winning move is not to play."

      --
      ---As my daddy used to tell me: "You gotta be smart before you can be a smartass."
    4. Re:Really? by flajann · · Score: 2, Interesting
      As a Facebook Developer myself, I have something to say on this.

      It would be really tough to have the type of security everyone wants, AND have these FB apps to be useful. Tradeoffs, guys. The whole idea in most of these FB apps is the sharing of data between friends, which means the Application will have access to much.

      You could have fine-grained security controls exposed to the user, but this would make FB security confusing to most of its users, and it also would hamper the applications and what they can do.

      And if you were to implement such stringent security procedures now, it would break many of the apps in use.

      I think it's safe to say that never put anything on Facebook that you wouldn't feel comfortable with the whole world seeing. And that goes for the Internet in general.

      But, every time you install an FB app, it DOES ask you if you wish to allow the app to have full access to your information. So, if you don't feel comfortable, don't click that button!

      Having said that, there should also be some ethical guidelines for FB developers.

    5. Re:Really? by Anonymous Coward · · Score: 0

      http://failblog.org/2009/08/22/facebooking-win/

      Sorry, it has absolutely NOTHING to do with how secure Facebook says it is. People are just retarded online and the pic above proves it 100%.

    6. Re:Really? by Jurily · · Score: 3, Insightful

      I merely assumed that people putting up information specifically for the purpose of others reading it, will consider the fact that other people will read it.

      You announce your birthday or put up an invitation to a party, but you don't put the steamy details of last night up there.

    7. Re:Really? by betterunixthanunix · · Score: 4, Informative

      "But, every time you install an FB app, it DOES ask you if you wish to allow the app to have full access to your information. So, if you don't feel comfortable, don't click that button!"

      As the app in question demonstrates, you do not personally have to install an app in order for the app to see your Facebook information; a friend who installed could give it the same level of access.

      --
      Palm trees and 8
    8. Re:Really? by RalphSleigh · · Score: 4, Insightful

      The problem is that even without you authorising any applications, as soon as any of your friends take a quiz, that application can see anything about you your friend can. The what length of wood is your dog like quiz has no need of this info, but it's not simple to disable its access.

      You can turn off this behavior, but only if you don't have any applications authorised yourself (I have an application I have written to fill a box with content from an external site on one of my pages, I can't have this on my profile or access the developers network app AND block quizzes from reading my info at the same time).

      Trusting all your friends/networks not to do things that will compromise your privacy is also a non-starter.

      --
      Come as you are, do what you must, be who you will.
    9. Re:Really? by automag · · Score: 2, Insightful

      It's a fair point... People join Social Networking sites because they want to be social. I think you're probably right that the 'solution' has more to do with the developers than the users.

      --
      ---As my daddy used to tell me: "You gotta be smart before you can be a smartass."
    10. Re:Really? by access.name · · Score: 1

      That wasn't the user, her account was compromised by btards after they hacked a christian dating site. See this or do a google search for "4chan hacked facebook".

    11. Re:Really? by maharb · · Score: 4, Insightful

      What about providing a checkbox for users that says "don't give out my information to anyone but friends". I am a facebook user because of what I can only call peer pressure. I would like it if no one had access to my info except friends but facebook lacks that option. I don't care about apps so why can't I remove myself from this pool of data.

      "But, every time you install an FB app, it DOES ask you if you wish to allow the app to have full access to your information. So, if you don't feel comfortable, don't click that button! "

      The issue here is that if one of my friends trusts an app then they have access to MY data. Why should this be allowed with no way to turn it off. Like I said before, I don't want to participate in the app frenzy of facebook at all. I would be perfectly happy to lose the functionality of the apps for privacy.

      "I think it's safe to say that never put anything on Facebook that you wouldn't feel comfortable with the whole world seeing. And that goes for the Internet in general."

      If that is what facebook and developers think about millions of people's private messages, photos etc they are going to be in for a huge struggle later. People don't realize their facebook info is up for grabs so easy. Once someone publicly demonstrates how much developers(anyone) have access to and the response from facebook is "you should have known" there is going to be a mass exodus from the service or demand for what I am advocating. The idea that information on the internet should be treated as public information is a flaw in logic and a step back for using the internet for more things(like healthcare). This is about security, permissions etc. You can keep information 'safe' on the net. I know hackers can get the info, but I am talking about not giving it out freely.

      As a developer I get what you are saying. You can't provide functional apps without the data. You have to realize though that there are other perspectives, ones that may be more important than what a developer wants. As a customer of facebook, and possibly you and your apps I say I don't like what you want from me. That should be a red flag.

    12. Re:Really? by WCguru42 · · Score: 2, Insightful

      But most Facebook users are sheep-le who won't give a second thought to this kind of thing.

      It's less so that they're "sheep-le" and more so that they are not aware of technology. It's kinda like sending your car to the repair shop when you don't know shit about cars. My friend recently got bilked out of $500 because he was told he had to replace his part with a "certified" component. My friend didn't know any better so he went with what sounded reasonable but in reality it was a rip off. The same goes for most users of facebook, they don't know jack shit about computers, the internet, etc. and they don't know that when facebook updates their security measures that it's really just lip service.

      --
      "Educate the mind but never at the expense of the soul."~Blessed Basil Moreau
    13. Re:Really? by Anonymous Coward · · Score: 0

      Ok, so how did 4chan get her password for her Facebook account from that christian dating site again? Oh yeah, she was retarded and kept the same password for her accounts. My point is proven. Next!

    14. Re:Really? by krou · · Score: 1

      It would be really tough to have the type of security everyone wants, AND have these FB apps to be useful.

      Wait ... there are useful Facebook apps?? ;)

      --
      'If Christ had tweeted the sermon on the mount, it might have lasted until nightfall.' - John Perry Barlow
    15. Re:Really? by Locutus · · Score: 1

      but the system is designed such that it gives the impression that you invite people to share with and that includes your info. Now, I wonder why they say you can't see someone's info unless you're "friends" with them when in fact, you just need to be friends with one of their friends. And you know, when you go to click an app and see where it says the developer has access to your profile data? It didn't, and probably still doesn't, say that if any of your friends accepted the app, the developer already has access to your profile data.

      Public info is public info but not when you're given the impression of selective publicity.

      LoB

      --
      "Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
    16. Re:Really? by Seumas · · Score: 5, Insightful

      But you might discuss them with your friends. Until you discover that your friend lets everyone on earth into their house any time they want (ie, run Facebook Applications) and one of those people (applications) has installed a listening device in the lamp and everything you thought you were discussing with your private group of friends is actually being directly pumped to some third party who is not your friend.

      People throwing the "imagine that, information on the intarwebs is public!" line are being disingenuous. It's like saying you have no reasonable expectation of privacy in your email communication, just because it technically *could* be intercepted. Or that using online banking proves you're an idiot, because your login information *could* be compromised if someone got physical or root access to the bank's database server.

      The nature of facebook, like many other things people use, implies a certain degree of privacy and control over your exposure. It's not at all the same as just blathering all your crap on a public forum for all of google to index and serve up somewhere.

    17. Re:Really? by Seumas · · Score: 3, Interesting

      Actually, facebook is very misleading in this way. There ARE options to make each element of your information *ONLY* available to friends. Or even to nobody.

      Unfortunately, their Facebook Application API directly violates the spirit of that by making it available to people other than your friends.

      The single most awful thing about facebook is the wealth of Applications. They're all crap and at best they're annoying. Every time I see some jack ass wasting my time (because it posts that they are using an app to my information stream) doing another "what kind of dog turd are you?" quiz, it makes me hate humanity just a little bit more.

    18. Re:Really? by Runaway1956 · · Score: 1

      Mod parent up some more, 5 points isn't nearly enough.

      Personally, I give less info to my "friends" than is commonly available as public information on Facebook. I don't use apps - most of them are too silly to bother with, and the rest are vectors for dataminers and/or malware. Who needs them?

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    19. Re:Really? by Jurily · · Score: 1

      It's like saying you have no reasonable expectation of privacy in your email communication, just because it technically *could* be intercepted.

      You have no reasonable expectation of privacy in your email communication.

    20. Re:Really? by Anonymous Coward · · Score: 0

      You announce your birthday or put up an invitation to a party, but you don't put the steamy details of last night up there.

      I don't have any steamy details, last night or any night, you insensitive clod!

    21. Re:Really? by Runaway1956 · · Score: 1

      *sigh* I lack sympathy. Let me get this straight. I know jack about aircraft, but I'd like to own one. So, I trot my happy ass down to the airport, find a pretty plane (with PONIES even!) and hand over my hard earned cash. Climb in, fire it up, and drive it into the trees at the end of the runway. This is whose fault, exactly? Is it the guy who sold me a plane? Was it his responsibility to investigate my background, to find out whether I even had a pilot's license? Was it his job to teach me about planes? Was it his job to inform me that the little single seater wouldn't lift off with all those ponies in the cargo bay?

      If people are going to be on the web, they should at least have a clue about what the web is.

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    22. Re:Really? by Jeremi · · Score: 4, Insightful

      You have no reasonable expectation of privacy in your email communication.

      I think you don't understand the concept of "reasonable expectation of privacy". It's not a technical idea meaning "this data is secure". It's a social/legal idea, meaning "third parties are supposed to know that this data is private, and so they should keep out of it even if they are technically able to look".

      By that measure, you certainly do have a "reasonable expectation of privacy" for your email. For example, if your ISP started posting your emails to a public web page, you would have grounds for a lawsuit. Therefore, you can "reasonably expect" that your ISP won't do that.

      --
      I don't care if it's 90,000 hectares. That lake was not my doing.
    23. Re:Really? by jslater25 · · Score: 1

      What, you mean 'personal responsibility'? They don't even teach that in schools. Why would someone in this day and age claim responsibility for their own actions?

    24. Re:Really? by ObsessiveMathsFreak · · Score: 1

      No. That's not good enough anymore. With the global reach, massive databases and indexing software available to most companies, it's no longer good enough to say that once your private data slips out that it's fair game for anyone to do whatever they please, whenever they like with it. I don't want Google or Facebook or anyone else spamming people who have just happened to send me an email. I don't want private companies data mining my address book and contacts list.

      You say that once my data has become "public", all bets are off. But how many of us have ever, in our lives, made some of our data explicitly "public", for the whole world to view? I gave my data to my ISP and some to Google. I didn't publish it on a big HTML page for the world to gawk at. Where exactly do private companies gain the right to pass that information on to every and any third party they please? From their click through EULAs? That's pushing it.

      The real teller here is the balance of power. Facebook can spam your contacts list, but if you somehow managed to get your hands on theirs, legally, and proceeded to spam everyone on it, what fate do you think would await you? You'd be hauled over the coals before the day was out. You don't have high priced lawyers and the ability to file suit in 50 countries. Right now possession of data is 9/10ths of the law, and the other 10% is too expensive for the likes of us.

      --
      May the Maths Be with you!
    25. Re:Really? by Jeremi · · Score: 1

      If people are going to be on the web, they should at least have a clue about what the web is.

      That would be nice, but face it -- if the only people who used the Internet were the people who had the time, brains, and inclination to understand how the Internet works, there wouldn't be an Internet.

      Hell, I'm willing to bet that 75% of the people on this very site (subtitle: "News for Nerds") would have trouble identifying a privacy leak before they stepped in it. Myself included.

      --
      I don't care if it's 90,000 hectares. That lake was not my doing.
    26. Re:Really? by Runaway1956 · · Score: 0, Troll

      Point taken. I could look at the code for any given program, and fail to see the most glaringly obvious security flaws. What sets me (and, presumably, most slashdotters) apart from the herd is, we are willing to read, willing to investigate, willing to make decisions, and we decide who to trust, and who not to trust. I don't need to understand the flaws in Java or IRC to understand articles published all over the web stating something to the effect, "ApplicationX versions prior to 1.6 have been found to be insecure due to a buffer overrun, please update to version 1.7"

      The average windows home user implicitly trusts everything he sees on the net. "Your computer could be infected with viruses, please run our free scanner". He never even looks to see who is offering the scanner, he doesn't search for that company, he just clicks it, runs it, then downloads the trojan offered when viruses are found.

      I've clicked a couple of those things to see what they might find on my Linux boxes. Amazingly, they found all sorts of stuff on my C: Imagine that.....

      --
      "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
    27. Re:Really? by Seumas · · Score: 1

      It's like saying you have no reasonable expectation of privacy in your email communication, just because it technically *could* be intercepted.

      You have no reasonable expectation of privacy in your email communication.

      Please clarify exactly how one has no reasonable expectation of privacy in their email communication?

    28. Re:Really? by bhartman34 · · Score: 2, Informative

      You have no reasonable expectation of privacy in your email communication.

      That's only true in a business setting, and only in relation to your employer, on your employer's mail server.

      Your employer has the right to read your email. You work for them, your email is basically your work product, and they can do whatever they want with it.

      Your personal email account is another matter entirely. Your email can be subpoenaed, but that requires a court's intervention. Your ISP can't just post your email on a public web page and expect to get away with it. They can access your email because it's on their servers, and they have to comply with law enforcement requests that have court orders behind them, but if a private investigator working for your wife wants to get information from your email about your infidelity (assuming you were stupid enough to email your paramour), they wouldn't legally be able to hand over the information.

    29. Re:Really? by Anonymous Coward · · Score: 0

      There are some tick boxes you can untick to stop friends' quizzes seeing your info. I found these worked testing with my scratch account. Otherwise don't use applications or use a scratch account just for applications.

      Otherwise - no need to give correct info to Facebook. Low res watermarked images are sufficient for sharing with friends. I have a script I run on my Linux system which prepares them. There's still plenty of "incriminating" evidence there, but it's not so bad. Not enough for identity fraud because of the false information.

    30. Re:Really? by gilgongo · · Score: 4, Insightful

      You have no reasonable expectation of privacy in your email communication.

      I think you don't understand the concept of "reasonable expectation of privacy". It's not a technical idea meaning "this data is secure". It's a social/legal idea, meaning "third parties are supposed to know that this data is private, and so they should keep out of it even if they are technically able to look".

      The trouble is that this is the first time in history when the three broad realms of "private", "semi-private" and "public" have been mixed together - and it baffles a lot of people.

      In the past, if I sat on my toilet with the door locked, that was private. If I went out and spoke to some friends in a bar, that was semi-private (what I said might get around the village, but not much more), and public was pretty much impossible unless I became a politician or a journalist.

      Now, however, it's very difficult to work out which state you are in at any one time, and what's worse, you often don't know what's public, which is a state that for the vast majority of humans, is totally new.

      --
      "And the meaning of words; when they cease to function; when will it start worrying you?"
    31. Re:Really? by Anonymous Coward · · Score: 0
    32. Re:Really? by Anonymous Coward · · Score: 0

      It's a long-established rule that ordinary mail belongs to the recipient. They may do whatever they wish with the communication including publishing it to the world. The same principle applies to email. Why would anyone expect anything different?

    33. Re:Really? by Anonymous Coward · · Score: 0

      it makes me hate humanity just a little bit more

      You should just go ahead and crank up your hatred of humanity to the maximum level of which you are capable... because that's what it deserves, and that is what it will end up at eventually, and you will be better off for realizing it as early as possible.

    34. Re:Really? by fbjon · · Score: 1

      What part of 'reasonable' is hard to understand?

      --
      True confidence comes not from realising you are as good as your peers, but that your peers are as bad as you are.
    35. Re:Really? by mabinogi · · Score: 3, Informative

      The ACLU's app lies.

      When a friend installs an app, it has full access to everything _your friend_ can see in your profile, not the same level of access as an app you install yourself would have.

      It doesn't magically grant the app more rights to see stuff than the user installing it already has.

      --
      Advanced users are users too!
    36. Re:Really? by As_I_Please · · Score: 1

      Actually, no. The paper manuscript or the digital file belongs to you. The content, i.e., the copyright, belongs to the letter writer. If you publish a letter or email (or even show it to someone else), the letter sender can sue you for copyright violation. Granted, there are fair use exceptions, but you cannot publish, in whole or in substantial part, any letter you receive without the author's permission. http://www.publaw.com/biography.html

    37. Re:Really? by Fulcrum+of+Evil · · Score: 1

      You could have fine-grained security controls exposed to the user, but this would make FB security confusing to most of its users, and it also would hamper the applications and what they can do.

      Hardly. At a base level, you have 3 settings: trust, trust that carries (I trust you to pick friends), and don't trust. Refining that somewhat, you can define groups you associate with - drinking buddies or whatever.

      The cool thing here is that defining your membership in a finite group allows you to see info from the other people in that group, but it's really hard to get info from some random person because trust relations are not transitive: if I'm in a poker night group with 5 other guys, I can't hop to their friends simply because they have a trust relation. I'd have to make my own. If you agree on this, then the question becomes how to make the creation and admin of a group simple and easy. If you don't, you can still do things like limit access to two degrees of relation, which helps with the volume of info available.

      --
      "We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
    38. Re:Really? by VoltageX · · Score: 1

      It's like the first time you discovered your conversations were being logged on IRC. People seem to be discovering the internet all over again, which I guess is true - even though the "new" users are only using a very limited subset of functionality.

      --
      "Anonymous could not immediately be reached for further comment." - International Business Times
    39. Re:Really? by suomynonAyletamitlU · · Score: 1

      Maybe, but if your friend has a cybernetic implant from a trusted company, and you let them look over your shoulder while you do your taxes (pretending you still do your taxes on paper, I mean), it's still the company's fault that your identity info gets stolen by some scammer on the web. You let them see your private things, you both knew the implant wasn't 100% secure, but it's your friend, and you wanted their help.

      I wrote an essay for college last year about ethics that used facebook as an example of borderline unethical behavior. Basically I said that people will have expectations coming in to a situation about what is reasonable and not reasonable to expect, and if you don't go out of your way to explain what is and isn't reasonable, you can expect that a lot of the users will continue using their expectations rather than reality, and if you are building your business knowing that they are going to have unrealistic expectations--or especially if it's based on that knowledge--but not addressing those beliefs, then that's clearly unethical.

      I've also been toying with the idea of (if I ever ship software) converting EULA digital signatures into a basic rights quiz. If signing up for facebook took you through a set of questions that said,

      1) Nothing I post here can be accessed by third parties [Y/N]

      2) Nobody will ever see my drunk frat party pictures except the people I explicitly share them with [Y/N]

      And the site pointed out in big red letters that your answers were wrong and didn't let you pass until you got them all right, then people would pay attention. Now, some minority will still not care and fewer still will just be completely oblivious no matter what you say, but something like that is a very reasonable amount of effort for the site maintainers to go through to correct users' misunderstandings.

    40. Re:Really? by CSMatt · · Score: 1

      Or that using online banking proves you're an idiot, because your login information *could* be compromised if someone got physical or root access to the bank's database server.

      Using online banking proves you're an idiot.

    41. Re:Really? by Anonymous Coward · · Score: 0

      You're a snob. That's all it boils down to. People are trying to live their lives and just so happen to not BE COMPUTER PEOPLE, so they are inferior to you.

      Grrrrr you are such a dickhead.

    42. Re:Really? by Trepidity · · Score: 1

      it's that Facebook represents itself as secure and private to its users and then leaves the barn door open for developers, betraying that trust

      In particular, Facebook doesn't make much effort to encourage better privacy practices. They could, for example, have multiple access levels for apps. A "quiz" app doesn't actually need any access to information; all it needs is the ability to post a quiz results to your wall. That's what people expect it to do. But there's no way to tell if this is what it does or not.

      If Facebook had multiple app access levels, there'd be a chance that people would actually notice nefarious things happening more easily. If you clicked on a quiz app, expecting it to ask you for the right to post to your wall, and instead you get a popup asking for the right to access all your information, you might know something is fishy, because it's asking for permissions it clearly doesn't need. But with the current system, you have to either not use the app at all, or give it access to everything and trust it not to misuse it. By making "apps get access to everything" the expected option, Facebook encourages this culture of laxity.

    43. Re:Really? by andy_t_roo · · Score: 1

      Isn't the issue that you provide your data to your "friends" and your friends then pass that info onto any applications -- what you want is DRM for your data -- other people can view it but not pass it on.

      Hmm, where have I heard this argument before....

      Anyway, if you give your friend a secret note then he accidentally allows a random third party to read it, who should you get annoyed at -- the friend, the third party, or the company which provided the paper for the note?

    44. Re:Really? by buchner.johannes · · Score: 1

      You announce your birthday or put up an invitation to a party, but you don't put the steamy details of last night up there.

      ORLY?
      http://failblog.org/2009/08/22/facebooking-win/

      --
      NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
    45. Re:Really? by maharb · · Score: 1

      I agree with this in a manual transfer of the data. If your friend manually sends off your data to people then there is nothing you can do except not give that person your data.

      What I have a problem with is the automatic transmission of this data via systems that your friends are not in charge of. I think the facebook example goes beyond the note example because of the way data is stored. Unlike in real life where physical walls block access to data, in the virtual world the "paper" providers are also the "wall" providers. Without safeguards to the "paper" everyone can see it from everywhere. Clearly this puts far more responsibility on the providers of the "e-paper" service than a real paper provider.

      The proper way to deal with this is allowing the user to hide the data behind as many 'walls' and 'locked doors' as the user wants.

    46. Re:Really? by ScepticOne · · Score: 1

      If it does, then it's clearly not for the reason stated - if someone has physical or root access to the bank's database server then you're screwed whether you use online banking or not.

    47. Re:Really? by nacturation · · Score: 1

      The ACLU's app lies. When a friend installs an app, it has full access to everything _your friend_ can see in your profile, not the same level of access as an app you install yourself would have.

      Is that not what the summary already explicitly says? "Facebook apps run with the access privileges of the user running it, so anything your friend can see, the app they're running can see, too." That pretty much agrees with what you just said: the app your friend runs sees what your friend can see. The problem is, my friend's app is not my friend.

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    48. Re:Really? by Sparr0 · · Score: 1

      The content as a work belongs to the writer. The information contained within it does not. I can summarize a 1000-word email from you as "You slept with John's wife", completely violating your [incorrectly] expected privacy without violating your copyright.

    49. Re:Really? by consonant · · Score: 1

      Any time you add/access for the first time a Facebook app you have to click through a disclaimer screen that explicitly says the app can have access to pretty much any aspect of your Facebook profile, including your friends network, and whatever you can access on your contacts' FB profiles.

      It really isn't "abject insecurity" when a window manufacturer says the panes they make can be broken easily by a hammer, and someone does precisely that. No point chiding the manufacturer then - they told you so!

    50. Re:Really? by Anonymous Coward · · Score: 0

      You CAN do this easily, especially as you don't require applications, and API access:

      Settings > Privacy > Applications > Settings

      then check "Do not share any information about me through the Facebook API"

      Even if you DO want to allow API access, you can still select the other option and prohibit the API access to everything except your name, networks and your list of friends by unchecking all the boxes. This should be more than enough security for most people.

      Can we please mod this post up so we don't have to keep hearing the same misinformed "OMG FCAEBOOK RAPES ALL MY INFORMATIONS!!!!!1" rants?

    51. Re:Really? by hesaigo999ca · · Score: 1

      Seriously, I implemented this new way of doing things which makes all my profile's stuff REALLY, REALLY private, even to hackers: I deleted my account!

    52. Re:Really? by Anonymous Coward · · Score: 0

      I've got to be honest. I took the quiz and looked at what it showed. None of the information looks that scary to me. In terms of marketing info you could probably find out more about me from a phone book. It's not like I post my cell phone number or tell intimate details of my life. There are some goofy pictures of me drunk but I wouldn't have posted them if I cared. In principle I understand the issue, but ultimately the whole point of posting something on facebook is to make it publicly known so if you don't want companies collecting demographic data on you or you're scared of stalkers then don't post.

    53. Re:Really? by Pollardito · · Score: 1

      There's actually a page in Facebook where you can control what apps that someone else has installed can see about you (go to Settings -> Privacy Settings -> Applications):

      When a friend of yours allows an application to access their information, that application may also access any information about you that your friend can already see. Learn more.

      ...

      You can use the controls on this page to limit what types of information your friends can see about you through applications. Please note that this is only for applications you do not use yourself:

      What I don't like is that there is no way to control what apps that you install can see until after you've installed them (and they've presumably had that one opportunity to grab everything). You basically have to allow them to see everything and then can lock things down later?

    54. Re:Really? by PhxBlue · · Score: 1

      In the past, if I sat on my toilet with the door locked, that was private. If I went out and spoke to some friends in a bar, that was semi-private (what I said might get around the village, but not much more), and public was pretty much impossible unless I became a politician or a journalist.

      Now, however, it's very difficult to work out which state you are in at any one time, and what's worse, you often don't know what's public, which is a state that for the vast majority of humans, is totally new.

      What about when I post to Facebook while sitting on my toilet with the door locked?

      Oh, c'mon ... laptops and wireless technology were invented for blogging from the crapper!

      --
      !#@%*)anks for hanging up the phone, dear.
    55. Re:Really? by hrimhari · · Score: 1

      The point actually is: Facebook (and/or other such sites) gives you three basic privacy settings:

      - No one can see it (private)
      - Some people can see it (friends only, friends and friends of friends only, etc: semi-private)
      - Everyone can see it (public)

      When you configure your data to "semi-private", you're expecting the site to bind to that setting. But Facebook is full of such configurations, separated from each other, where:

      - You configure it on the most visible part (your profile), but it doesn't affect all categories (ads, apps, etc.)
      - The default is public

      Hence you expect that the privacy settings in such sites would be actually very well defined.

      Note that the point is _not_ if you configure your data to be semi-private then one of your friends sell it to the news at 11. It's about Facebook respecting it.

      --
      http://dilbert.com/2010-12-13
    56. Re:Really? by kelnos · · Score: 1

      No, the ACLU app says exactly what you said, and it *shows* you the information from your friends' profiles that it can see.

      But that's the problem. When I set, say, the privacy setting for my birth date to "friends only," I expect my friends to be able to see my birth date, and no one else. This does not include the developers of an application that my friend installed.

      This is even more confusing because each user has privacy settings for applications too. It's not clear to the average user that those settings only apply to what *you* share with applications that *you* add. If you've hidden your birth date from applications, then *your* addition of an app won't leak your birth date to that app, but if one of your friends (who can see your birth date) adds that same app, then the app can get your birth date through that connection.

      I picked a mundane piece of information (birth date) as an example, but this becomes more of a problem when you think about home address or phone number.

      --
      Xfce: Lighter than some, heavier than others. Just right.
    57. Re:Really? by kelnos · · Score: 1

      Actually, scratch that. The Applications privacy settings page specifically is for your info that applications are allowed to see when a friend adds it. So it turns out I'm wrong. Unfortunately, there's *no* way to limit what applications that you add are allowed to see -- they're supposed to abide by your privacy settings, but that isn't enforced by any technical measures. In fact, it explicitly says: "When you authorize an application, it can access any information associated with your account that it requires to work." The "that it requires to work" bit is a bit misleading, because the apps get to self-define what they require. There aren't any measures in place to limit this.

      --
      Xfce: Lighter than some, heavier than others. Just right.
    58. Re:Really? by kelnos · · Score: 1

      I remember when the app platform was new, you were prompted about the specific types of information the app required and could optionally use, and you could uncheck the optional ones you didn't want to share. The required ones were set in stone, but you'd at least know at that point what would be shared and could make a better decision to allow or deny. A shame that feature is gone.

      --
      Xfce: Lighter than some, heavier than others. Just right.
    59. Re:Really? by petermgreen · · Score: 1

      Now suppose that same friend signed a contract with a company that had buried in the legalese "you authorise us to search your house at any time". Further imagine that the government upheld the contract and the company searched the friend's house and looked at the note.

      Who do you get mad at? the friend? the company? or the government?

      --
      note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
    60. Re:Really? by kyriacos · · Score: 1

      But, every time you install an FB app, it DOES ask you if you wish to allow the app to have full access to your information. So, if you don't feel comfortable, don't click that button!

      That's true, but when I add a friend, I get no warning that this person has so many apps installed, and that these apps can have access to my information through this person.

  2. This is the worst part, in general by Anonymous Coward · · Score: 4, Insightful

    Not that your information is in the hands of the facebook staff. That can be scary, but the facebook people, like google, have demonstrated a fairly reasonable approach to exploitation of personal information.

    The problem is that it's in the hands of all of your friends and family. If there's any aspect of your life that should remain off the internet, never share it with a facebooker.

    1. Re:This is the worst part, in general by dkleinsc · · Score: 2, Interesting

      have demonstrated a fairly reasonable approach to exploitation of personal information.

      So as long as our personal information is only reasonably exploited, it's a-ok?

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
    2. Re:This is the worst part, in general by Anonymous Coward · · Score: 0

      Sure, why not? You trade personal information for benefits all the time. When you buy a shopper card at Safeway, Costco, etc, you're letting them track your buying patterns in exchange for lower prices - although they use the tracking to figure out which items to buy and how to place them so as to sell you more. When you watch TV, you're giving away information about what kind of shows you like (sports, sci-fi, health, etc), and it is used to show you advertisements likely to be somewhat relevant to you. Similarly, with Google or Facebook, you trade some information about yourself for a convenient service. What kind of laws should be in effect about use of such information is another question. But you can't expect these services to exist if you give them no way to make income!

    3. Re:This is the worst part, in general by Jeremi · · Score: 1

      So as long as our personal information is only reasonably exploited, it's a-ok?

      Yup, that's the deal. Facebook gets to use your personal information in certain more-or-less socially acceptable ways, e.g. to choose which ads they show to you, and in return you get unlimited use of the FaceBook site, without ever having to pay anyone any money.

      That may or may not be a-ok for you, but FaceBook's users seem to find it acceptable; otherwise they presumably would not be FaceBook users.

      --
      I don't care if it's 90,000 hectares. That lake was not my doing.
    4. Re:This is the worst part, in general by noidentity · · Score: 1

      Somehow this "facebook" has never acquired any information about me. Oh right, that's because I've never signed up.

    5. Re:This is the worst part, in general by Anonymous Coward · · Score: 0

      but the facebook people, like google, have demonstrated a fairly reasonable approach to exploitation of personal information

      You're joking, right?

    6. Re:This is the worst part, in general by cathector · · Score: 1

      > If there's any aspect of your life that should remain off the internet, never share it with a facebooker.

      schoolchildren should repeat this every morning right after the pledge of allegiance.

  3. some advice by FudRucker · · Score: 4, Insightful

    if anyone wants to keep their personal information private then keep it off the internet, if you put your photo or real name & location on any part of internet (especially social networking websites) you can bet your life that somebody else is going to exploit that information in any way possible and for $profit$ if that is possible too.

    --
    Politics is Treachery, Religion is Brainwashing
    1. Re:some advice by Panzor · · Score: 5, Insightful

      The thing that annoys me is when someone ELSE posts my picture on the internet. It takes a community to keep an individual safe, and the facebook community is quite security inept.

    2. Re:some advice by Kral_Blbec · · Score: 2, Insightful

      What surprised me about the article is an extension of this. Not just pictures, but the entire profile is available. I avoid all the Facebook quizzes and crap because I already know it is a huge security hole that allows them to access your profile, but I never expected that it would also open up your friend's profile when you allow an app. That kind of pisses me off.

    3. Re:some advice by Anonymous Coward · · Score: 0

      you still don't get it. if your friend has you in a special group with limited access to his/her profile then the app you install will only be able to collect the information that you are restricted to seeing.

      it does not bypass these security features.

    4. Re:some advice by Anonymous Coward · · Score: 0

      Except who has their BFF listed as a limited profile, even though their BFF could be a dumbass who installs these things?

    5. Re:some advice by betterunixthanunix · · Score: 0

      Hey, you can leave Facebook any time you want to, and your information will no longer be exposed to these random applications. There is nothing that compels you to be on Facebook other than subtle social pressures.

      --
      Palm trees and 8
    6. Re:some advice by nine-times · · Score: 1, Interesting

      I generally agree with you, and therefore don't participate in social networking sites. However, I still think this is a problem insofar as Facebook claims to keep your information private.

      To look at it another way, I don't have grounds to complain that my posts on Slashdot are being made public. I also don't think I have a lot of grounds to complain if Google wants to have automated systems reading my emails enough to feed me a relevant ad, since I know that's roughly their business model for providing free email. However, if I found out Google was allowing their advertisers to read my email, I would be pretty upset about that. Whether or not it's wise of me to trust Google, they've given me the impression that my emails are private and they aren't going to allow other people to read them.

      Similarly, I have limited sympathy for these people who post their drunken antics on social networking sites and expect that their coworkers and employers simply won't ever bother to look at the site. However, if Facebook is offering to let you have private pages that are only visible to friends which you select, but they are then allowing others to view those pages, that seems like a problem.

    7. Re:some advice by ParanoiaBOTS · · Score: 3, Funny

      The thing that annoys me is when someone ELSE posts my picture on the internet. It takes a community to keep an individual safe, and the facebook community is quite security inept.

      The thing that annoys me is people who seem to think that they have a right to keep a photo from appearing online just because they appear in it. It's not like the person went into your house, pulled out your photo album and uploaded those photos. If you don't want to appear in a photo a person may or may not put online, don't go out in public. It's as simple as that

    8. Re:some advice by Anonymous Coward · · Score: 1, Insightful

      Subtle social pressure, and a desire to keep track of what people are posting about you and your family. Sure, your friends are going to post pictures of your kids' pool party with names and addresses whether you're on or not. But at least if you're on there's a better than average chance that Snotty "I don't care about your privacy or security" McSnotpants will helpfully tag your ugly mug and give you fair warning. You have no hope of warning if you're not a member.

    9. Re:some advice by silanea · · Score: 2, Insightful

      The thing that annoys me is people who seem to think that they have a right to keep a photo from appearing online just because they appear in it. [...]

      At least in Germany people actually do have such a right (no English article linked, so I assume such a right does not exist in Anglo-American law). Besides, for me courtesy demands that I ask people for permission before I put pictures of them online. What seems harmless to you may get another person fired, disgraced or harassed.

      --
      Rudolf Hess edited Mein Kampf. He was the very first grammar nazi.
    10. Re:some advice by ferd_farkle · · Score: 1

      Hell, I'm still struggling to keep some relatives from using websites to send me "e-greeting cards".

      I have to periodically create throw-away email addresses just to email these individuals, who complain that they have to keep changing their address books to email me.

    11. Re:some advice by TheRaven64 · · Score: 1

      In the UK, you do have that as a legal right. You may not publish a photograph of someone in any media without their consent, with a few exceptions (crowd scenes are one, and I believe there are some other exemptions for the press if the photographs are seen as being in the public interest).

      --
      I am TheRaven on Soylent News
    12. Re:some advice by Anonymous Coward · · Score: 0

      It's hard to believe that the British tabloid industry could possibly exist with that law in place. Surely you don't have an actual citation for such a law.

      dom

    13. Re:some advice by g0at · · Score: 1

      Same is true in the States and Canada, insofar as I understand the implications of "rights of privacy and publicity".

      b

    14. Re:some advice by Anonymous Coward · · Score: 0

      The thing that annoys me is when someone ELSE posts my picture on the internet.

      I agree... you're kind of an ugly git, aren't ye?

    15. Re:some advice by Anonymous Coward · · Score: 0

      I have a spouse who lives on FB. I hate FB. Divorce is not an option, but murder has oft been considered...
      Or I could throw the internet and telephone out of the house entirely. If it's really important, call me on my mobile.

    16. Re:some advice by Kral_Blbec · · Score: 1

      I actually didn't even know that you could restrict which friends see what of your profile. Last time I tried to look into it then it was an all or nothing. If they are a friend, then they have full access. I ended up dropping a few mild acquaintances because even though I liked them, I didn't entirely trust them enough to call them a real friend.

      Just now I found how to restrict individuals on your profile. It doesn't seem very intuitive and is pretty deeply hidden. It's under the privacy tab, profile, then each drop box has the option "customize" which brings up an overlay popup. I doubt many know of it. The much much more sensible way to do it would be with groups under the friends tab.

    17. Re:some advice by Kral_Blbec · · Score: 1

      Hate to reply to myself, but I wanted to clarify something. I'm not saying it's not intuitive that it is under the privacy tab, but being an option from a drop box and not as a dedicated link means many people won't see it even if they are looking for it. The interface needs to be much more developed and accessible from both the privacy and friends pages.

    18. Re:some advice by gnuotaku · · Score: 1

      I don't know about anywhere else, but in Canada it's a crime to post a picture of someone to the internet or otherwise use it without their explicit consent. Canada has fairly strict privacy laws (as can be seen with the recent clashes with Facebook over privacy), and although many people think it is okay to post any pictures they've taken of their friends/family onto Facebook and other sites without needing to get permission, at least in Canada doing so is illegal and can result in criminal charges being pressed.

    19. Re:some advice by Athanasius · · Score: 1

      And there's also another thing that confused me. There I was, following your advice, and looking at the sections I could tweak in this way... and wondering WTF the 'Contact Info' one was. It took me 5 minutes to notice the additional 'tab' near the top of the screen. Bad UI design.

      But, still, even if you lock down every section to 'only some friends' using groups and/or specific friend names, all it takes is *ONE* person you've decided is trustworthy to have a moment of insanity and run an app that trawls all possible info it has access to. That or their off-spring, significant other, pet, random friend visiting etc. decides to fill in some quiz a (non-trusted for this purpose) friend had done, visible in your feed, and it's all blown out of the water again.

      What is needed is a Facebook option to say "Even if I've given access to some of my profile information to someone, when they use a Facebook Application the most that Application knows about me is that a) I AM their friend, b) plus any information I have explicitly already allowed that Application to access, or c) Anything I've made available to Everyone on Facebook".

      In essence it seems that Applications get sudo rights to the person using them.
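The access model discussed in this thread (an application sees whatever the friend running it can see) next to the option proposed in the comment above, as an added Python sketch that is not part of any comment and does not use Facebook's real API. The class, the function names, the field names and the sample network are all constructed for illustration.

```python
from dataclasses import dataclass, field

# Audience labels for a profile field (constructed; they mirror the thread's
# private / semi-private / public split).
EVERYONE, FRIENDS, ONLY_ME = "everyone", "friends", "only_me"


@dataclass
class Profile:
    name: str
    friends: set = field(default_factory=set)
    fields: dict = field(default_factory=dict)      # field -> (value, audience)
    app_grants: dict = field(default_factory=dict)  # app id -> fields the OWNER granted


def visible_to_user(owner, viewer_name):
    """Fields of `owner` that the human `viewer_name` is allowed to see."""
    out = {}
    is_owner = viewer_name == owner.name
    is_friend = viewer_name in owner.friends
    for fname, (value, audience) in owner.fields.items():
        if is_owner or audience == EVERYONE or (audience == FRIENDS and is_friend):
            out[fname] = value
    return out


def app_view_delegated(owner, runner_name, app_id):
    """Model described in the thread: the app inherits the runner's view.
    The owner's own decisions about this app are never consulted."""
    return visible_to_user(owner, runner_name)


def app_view_proposed(owner, runner_name, app_id):
    """Option proposed in the comment: the app learns (a) that the two are
    friends, (b) what the owner explicitly granted to this app, and
    (c) what the owner made visible to everyone."""
    granted = owner.app_grants.get(app_id, set())
    out = {f: v for f, (v, aud) in owner.fields.items()
           if aud == EVERYONE or f in granted}
    out["is_friend_of_runner"] = runner_name in owner.friends
    return out


def sweep(network, runner_name, app_id, policy):
    """What an app run by `runner_name` collects about each of their friends."""
    runner = network[runner_name]
    return {f: policy(network[f], runner_name, app_id) for f in sorted(runner.friends)}


def leaked(owner, app_id, view):
    """Non-public fields in `view` that the owner never granted to this app."""
    granted = owner.app_grants.get(app_id, set())
    return {f for f in view
            if f in owner.fields
            and owner.fields[f][1] != EVERYONE
            and f not in granted}


def build_network():
    """Constructed sample data: alice never runs the app, her friend bob does."""
    alice = Profile("alice", friends={"bob"}, fields={
        "birth_date": ("1980-01-01", FRIENDS),
        "phone": ("555-0100", FRIENDS),
        "hometown": ("Springfield", EVERYONE),
        "diary": ("private notes", ONLY_ME),
    })
    bob = Profile("bob", friends={"alice"},
                  fields={"hometown": ("Shelbyville", EVERYONE)})
    return {"alice": alice, "bob": bob}


if __name__ == "__main__":
    net = build_network()
    for policy in (app_view_delegated, app_view_proposed):
        view = sweep(net, "bob", "quiz_app", policy)["alice"]
        print(policy.__name__, sorted(view), "leaked:",
              sorted(leaked(net["alice"], "quiz_app", view)))
```
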

    20. Re:some advice by I)_MaLaClYpSe_(I · · Score: 1

      And how can you exercise that right? It's true, you do have that right. But you can only assert that right if you know that somebody is going to upload a picture of you. So, how do you know?

      In case somebody uploaded your photo without consent, you can have them remove it and/or sue them but the information is already published and nothing will change that fact.

      And how can I know about every photo of me that has been published? How can I search for them? How do I even know when a photo has been taken - say from traffic cams, hidden cams, etc.?

      Don't get me wrong, I love this law and this is why google earth had to blur all faces in my country but it does not protect me from somebody uploading my photo. It does not even protect me from somebody then tagging my photo with my real name, e.g. in some social networking site I don't even know exists. And since I can't search for photos that show me but which I do not have (because someone else took it), I will never find out in order to get it removed which would be too late anyway.

    21. Re:some advice by Anonymous Coward · · Score: 0

      The right is significant even if you're not aware of every violation of it. Someone may be able to steal something from my home, and if it's small, I may not notice it for some time or possibly never. That doesn't mean I have any less right to legal protection from people stealing my possessions.

    22. Re:some advice by Anonymous Coward · · Score: 0

      It's not like the person went into your house, pulled out your photo album and uploaded those photos.

      I have my own private, password-protected web interface where my family and friends can view the photographs I have taken. One day a lot of these images showed up on Facebook. So in fact you are mistaken. This person actually did go to my house (my SSL and password-protected web server hosted in my apartment), pull out my photo album (digitally), and uploaded photos directly from it to Facebook.

      Strangely enough, that person's account doesn't seem to work anymore.

  4. Facebook App Exposes Abject Insecurity by Dogtanian · · Score: 3, Insightful

    Yeah, I've noticed that this "Facebook" app exposes an abject insecurity.

    Namely that of the users who seem to be obsessed with their not appearing popular enough, and adding as many "friends" as they can.

    --
    "Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
    1. Re:Facebook App Exposes Abject Insecurity by TheVelvetFlamebait · · Score: 1

      Making and keeping track of plenty of friends (by the facebook definition) is the point of facebook, according to the many people who patiently explained facebook to me.

      --
      You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
    2. Re:Facebook App Exposes Abject Insecurity by Seumas · · Score: 1

      I don't follow your comment. What does the application exploiting user data have to do with friend-whores? Your mom is just as likely to use one of those stupid "what does your poop say about you?" quizzes as any random person you might unwisely accept as a "friend".

      Also, in a lot of situations, people may have a lot of "friends" on a service like Facebook not because they're attention whores, but because they are in a situation where either by association with certain groups or by nature of their job or otherwise, people tend to want to befriend them on Facebook (or elsewhere). Hell, I have a lot of people I am "friends" with that I don't exactly know. I wish I could keep it to ONLY people I personally know (friends, family, colleagues) but like many people, I am in a situation where denying friend requests would seem rude and arrogant. The only solution would be multiple accounts on such social networking sites, which then defeats the whole purpose.

      Of course, I'd prefer we all just stuck with email, but unless you're in the tech industry, it seems like the chances of reaching someone by email is getting slimmer and slimmer.

      "Oh, why'd you send it to me by email?! I never check that thing!"

      *sigh*

    3. Re:Facebook App Exposes Abject Insecurity by Seumas · · Score: 1

      Sort of. You can assign individuals to collective "groups". Like having an address book divided up by Family, Friends, Colleagues, Members of My Website, People I Have No Fucking Clue Who They Are...

      But your communications with them are an all or nothing deal. You can't have separate groups where you limit posts/threads/discussions to "Family" and others to "Friends". That would be nifty, though.

    4. Re:Facebook App Exposes Abject Insecurity by Dogtanian · · Score: 1

      Sheesh, chill out, it was a stupid play on the headline making fun of a slightly stereotyped (but not untrue) type of Facebook user. That's all... :-)

      --
      "Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
    5. Re:Facebook App Exposes Abject Insecurity by Anonymous Coward · · Score: 0

      Couldn't they just make a script to make everyone on facebook a friend of everyone else?
      It would save a lot of time.

  5. Privacy is simple by verbatim · · Score: 3, Insightful

    Don't publish/post anything that you wouldn't want made public.

    Simple enough, people? Seriously.

    Grow. The. Fuck. Up. Stop being retarded, paranoid jackasses. Facebook, et al., are out to make MONEY. That means collecting information, data, digesting it in some way, and then selling that information to advertisers/perverts/your mom/etc.

    I just don't get why people are up in arms about "privacy" on a public website, even one with "private" areas. I mean, it's kind of interesting how people will put personal information on a public website and then build virtual walls around it to keep other people out.

    Are you so embarrassed by your circle of friends/family that you really don't want other people to know?

    Do you really think that you are such an interesting fucking nobody that everyone in the whole goddamn universe wants to know everything about you?

    You are one nobody among a collective of nobodies. Deal. :)

    --
    Price, Quality, Time. Pick none. What, you thought you had a choice?
    1. Re:Privacy is simple by gbjbaanb · · Score: 4, Insightful

      I suppose the problem is one of trust - Facebook says "set your privacy controls and you'll be safe", and some people believe this! Not everyone is educated about the internet, they treat it as they would other people, not realising its totally different. These people use Facebook.

    2. Re:Privacy is simple by Kral_Blbec · · Score: 2, Insightful

      It's not about posting anything you don't want public. It's about OTHER PEOPLE posting it about you.

    3. Re:Privacy is simple by notamedic · · Score: 4, Insightful

      Facebook is incredibly popular and the start of your third paragraph shows that (aside from an inability to stop swearing) you can't comprehend what the general non-geeky public want from the internet. Social relationships are complicated - how you interact with your friends and what they know about you may not be the same for your family and for your work colleagues.

      I'm not a big fan of facebook, but the people who use pejorative terms to dismiss it obviously don't understand it.

    4. Re:Privacy is simple by pnattress · · Score: 3, Informative

      It's perfectly possible to set privacy settings on Facebook for applications as well as friends. You can control the information other friend's applications can see. (Settings -> Privacy -> Applications). It's not heavily advertised, because if everyone hid all their info it would devalue their API somewhat, but it's definitely there.

    5. Re:Privacy is simple by Seumas · · Score: 4, Insightful

      I think you have missed the entire fucking point of Facebook. Facebook is not about blathering your shit to every fucking moron on earth and acquiring as many "friends" as possible, but about communicating and keeping up with a select group of people that you have chosen to communicate with. For example, colleagues, family, and close friends.

      I don't give a fuck about you or what you have to say day in and day out, but your mom might. Or your school chums. Or your best friend at the office. And since Facebook allows you to restrict your interactions to just these chosen people, you have a right to expect your communication to remain between those designated individuals.

      You know, sort of the same way the telephone company is a commercial enterprise, but you have a reasonable expectation for your conversations to remain private. Or do you consider talking on the telephone to be blathering to the "whole goddamn universe", too?

      Unfortunately, just like your mom probably is more prone to getting a virus on her Windows machine than you are, she's probably more likely to use a "what color are you?" facebook application and thereby put you at risk of exposure.

      Again, it is simply disingenuous to trash people as being idiots for using services where security is inherently implied (and options to protect it are right there in the user preferences -- even though they appear not to be adhered to in this demonstration).

      That doesn't mean you should share your most private secrets on earth anywhere online that is connected with your real identity. It just means that you shouldn't have to worry that your every piece of information is being sold out from under you when you thought it was just between yourself and the people in your circle. And if you have this attitude that you should *EXPECT* that from Facebook, then you should have that same attitude toward every institution you deal with from the place you bought your car, to your electric, phone, cable companies and medical providers. After all, if your bank's databases are cracked and the data stolen and sold out from under you, it's YOUR fault for being stupid enough to give your financial information to your financial institution, right?

      Also, as much as I hate Twitter and Facebook and all these things (though I like LinkedIn), you at the very least are often obligated to sign up so that you can protect your identity from being used by someone *else*. And as much as I hate attention-whores, even they deserve an expectation of a certain degree of privacy in situations where that privacy is implied.

    6. Re:Privacy is simple by Seumas · · Score: 1

      Do we have evidence that this is actually adhered to? I have no faith that the settings I have chosen - including "friends only" or the fact that I chose to disable Applications in every way I possibly could from day one will actually be followed.

    7. Re:Privacy is simple by verbatim · · Score: 1

      I simply assume that no company/organization will ever do anything in my best interest unless I have a significant financial stake in it (and, even then...)

      --
      Price, Quality, Time. Pick none. What, you thought you had a choice?
    8. Re:Privacy is simple by verbatim · · Score: 1

      I would both agree and disagree. Yes, I have different social circles - work, friends, and family are three simple categories.

      However, I don't see the point in putting artificial walls between these things. Yeah, I'm not going to automatically send party announcements to my colleagues, but I also don't really care if they know what I'm doing on the weekend. I'm pretty sure that they don't care, either. And, if I happen to do something embarrassing, reckless, or stupid, then I really should be more careful with my own life.

      I don't have anything against facebook, and I happen to think it's an interesting way to share a measured amount of information about myself with the world. The problem that I have in this case is with people who think Facebook is somehow responsible or required to maintain privacy when, in most cases, I should be more responsible with what information I choose to share.

      I've never heard of a situation where a little more prudence at the individual level would not have prevented the situation from happening in the first place.

      Well, anyway... just an opinion. :P

      --
      Price, Quality, Time. Pick none. What, you thought you had a choice?
    9. Re:Privacy is simple by daveime · · Score: 1

      So you add someone as a friend, so they *can* see all your gory details, but you don't want them to publish it or pass it on in any way?

      How exactly are you going to stop CTRL-C, CTRL-V? Or even ALT-PRINTSCREEN? Have Facebook apps disable your keyboard?

      The application "hole" is no more insecure than simply not adding strangers in the first place if you don't want them playing "Chinese Whispers" with your info.

    10. Re:Privacy is simple by CSMatt · · Score: 1

      The poster was most likely referring to incidents where someone whom you know outside of Facebook is posting things on the site that you otherwise would not want on there. While it would seem that the solution is to never tell these people these things in the first place, it is worth realizing that these people are in all likelihood giving the appearance of trust, and are even otherwise genuinely trustworthy. They would not report these things to random strangers outside of Facebook, but have been duped by the site's promises of privacy to believe that they have just as much control of the decimation of your information as they think they do in real life.* These people could also be trustworthy individuals who have turned on you, like an ex-spouse.

      *Of course, privacy is a chain that will break at its weakest link, so it could also be said that assuming privacy in real life is foolish as well, since all it takes is one untrustworthy individual in the chain to ruin everything. "Two people can keep a secret if one is dead" and all that.

    11. Re:Privacy is simple by Anonymous Coward · · Score: 0

      Somehow I tell apps they can't post to my wall and they still seem to manage to do so. I don't think it really works.

    12. Re:Privacy is simple by just+fiddling+around · · Score: 1

      I can't see how insightful that is. First, you only enter what you wish, most of the fields are not mandatory on a profile (esp. the birthdate)

      Next, if people post photos of you, they can still tag your silly ass if you are not their "Facebook friend" or even on Facebook. It's a new feature, and it appeared silently, too.

      Privacy is NOT simple, except if you are a hermit. Then you get famous for being one.

      --
      You're not old until regret takes the place of your dreams.
    13. Re:Privacy is simple by Pollardito · · Score: 1

      it's also somehow not tied into the Application Settings page though it would seem that people might look there for it first

  6. Civil Liberties? by Kohath · · Score: 0, Flamebait

    What does this have to do with "Civil Liberties"?

    The ACLU doesn't seem to be about civil liberties at all any more, if it ever was.

  7. How convincing is the quiz? by Jah-Wren+Ryel · · Score: 2, Interesting

    Could someone with a facebook account "review" this quiz?

    I don't have a facebook account so I can't do much with it. But I would like to send it to friends and family that do have accounts. These people aren't the type to comprehend the ACLU blog, so I'd like to know just how well the quiz makes its point. Is my 20 year-old niece who 'friends' anyone who sends a friend request going to achieve cluevana by doing the quiz, or is the quiz no more meaningful to the unenlightened than the blog post that inspired it?

    --
    When information is power, privacy is freedom.
    1. Re:How convincing is the quiz? by xiox · · Score: 2, Interesting

      Pretty convincing. It appears to show any of the information or photos I can see about myself or my friends. Presumably a very popular Facebook app could harvest data on pretty well everyone in Facebook, no matter their privacy settings.

    2. Re:How convincing is the quiz? by wembley+fraggle · · Score: 1

      It pulled information about me and my friends and showed it to me. Most of that information looked shared, that is, it wasn't anything I couldn't otherwise see by just clicking on a friend's facebook page. But it's information that would be private to some random app developer.

      That's the problem - you mark most of your profile as "private" so only friends can see it. But then a friend of yours runs an app (any app at all), and the app has all the privileges that your friend does, allowing the app to gather all the "private" data that you wanted hidden from the Wide World. A popular enough application (mafia wars, etc) could pull a ton of data about people and just sit on it.

      I've no clue what the Men in the Black Helicopters want with a bajillion pictures of people in semi-compromising situations and a ton of half-thought out wall posts and other such drivel, but there we are.

    3. Re:How convincing is the quiz? by ArsenneLupin · · Score: 1

      I've no clue what the Men in the Black Helicopters want with a bajillion pictures of people in semi-compromising situations and a ton of half-thought out wall posts and other such drivel, but there we are.

      Not necessarily MitBH. Could also be geeks looking for suitable mates to get laid.

    4. Re:How convincing is the quiz? by Anonymous Coward · · Score: 0

      The black helicopter crew doesn't need to exploit an app, they already have their own personal backdoor to everything.

    5. Re:How convincing is the quiz? by bhartman34 · · Score: 1

      I've no clue what the Men in the Black Helicopters want with a bajillion pictures of people in semi-compromising situations and a ton of half-thought out wall posts and other such drivel, but there we are.

      I took the quiz, and posted it to my profile. Mostly, I took it because I do have friends who will take each and every quiz presented to them, ad nauseam, and I wanted to get the point across that maybe this isn't such a good idea.

      I've got mixed feelings about how serious this is, though. I think that Facebook gives people a false sense of security when they promote "privacy" settings that any of their Facebook "friends" can override by taking a quiz. On the other hand, when you start a quiz (or add any application), Facebook immediately pops up a box making you aware that the application can see your information and all your friends' information. So it's not exactly like Facebook is doing it without the user's permission.

      The problem I have with the quizzes, though, is that they access this information at all. The only information a Facebook app should really need from a user is:

      1) their answers to the quiz
      2) their list of friends (to see how their friends answered the quiz)

      What possible reason could an app have for needing all of the other information that Facebook apps can apparently harvest?

      And I think the "never put online that which you wouldn't want the whole world to have access to" is outdated. I don't want the whole world to have access to my bank account or credit card information. Does that mean I should reject online banking? You need to be careful where you put your information online, and be very aware of where you're granted privacy and where you're not, but that doesn't mean that a website that pretends to keep your information private can then turn around and say, "Well, WTF did you expect?! If you don't want your information public, you shouldn't have posted it!"

      As for the value of the information itself: I doubt the information is valuable on an individual basis. Where it could become valuable is in the aggregate. Get enough people to take the quiz, and the data mining implications become...interesting. You start to be able to answer questions like, "How many Facebook users between the ages of 18 and 30 read Dan Brown novels and have seen a movie in the past year? How do they vote? Where do they live? What products do they like?"

      Facebook gives apps that kind of demographic information. The bigger Facebook becomes, the more valuable that data becomes, and the more accurately it models trends and habits.

    6. Re:How convincing is the quiz? by NotBornYesterday · · Score: 1

      Stop spilling our secret information. Just because you posted AC doesn't mean we don't know who you really are. We'll be by shortly to speak with you personally.

      Yours Truly,
      - MitBH

      (No need for me to post AC - nobody messes with me now that I have a black helicopter.)

      --
      I prefer rogues to imbeciles because they sometimes take a rest.
    7. Re:How convincing is the quiz? by soliptic · · Score: 1

      It appears to show any of the information or photos I can see about myself or my friends.

      I don't grasp how this is supposed to be an insecurity. It seems like the summary is "It can see whatever you can see". If it were "It can see stuff you otherwise couldn't see" then it would seem like a security concern, but as it stands it appears to be working exactly as intended and advertised. What am I missing?

    8. Re:How convincing is the quiz? by tolan-b · · Score: 2, Insightful

      Because Facebook is supposed to limit your data to your friends and applications *you* choose to trust. But it doesn't give you any control over which data of yours is visible to an application installed by someone else in your network.

      Therefore if your mum installs a rogue app then she gives away every piece of data she can view about all her friends and family (who happen to be on Facebook), including you. That's going to include most of your data on Facebook.

      Therefore what the hell is the point of having any privacy controls at all? They're simply misleading, all your data has already been made available to multiple third parties without consulting you.

    9. Re:How convincing is the quiz? by Mozk · · Score: 1

      It's nice how when I post a link to the application on Facebook to inform others about their lack of privacy, it doesn't appear anywhere on the news feed. Are they filtering it or something?

      --
      No existe.
    10. Re:How convincing is the quiz? by BungaDunga · · Score: 1

      Or here's an idea: Provide a toolkit for building quiz apps that is easy enough to use that almost anyone could do it. Host all the separate apps on your webserver, and include code in every app generated by it that tracks people. Then you'd have dozens (hundreds?) of quizzes all feeding you information, all "built" by other people. With this you could basically recreate all of the information that Facebook has on its users.
       
      For all I know this has already been done... these quizzes can't all be built from scratch, can they?

    11. Re:How convincing is the quiz? by soliptic · · Score: 1

      I see. Great explanation, thanks.

    12. Re:How convincing is the quiz? by cathector · · Score: 1

      by all means, share this quiz with your facebook-using friends.
      it does a great job of illustrating the issue.
      first, it shows you a bunch of stuff about you: recent posts, recent photos, birthday, etc, which your thinking facebookster probably figures the app is going to have access to. then it shows a bunch of information about random friends of yours: their hometowns, birthdays, recent status updates, political affiliations, etc. this second-order lack of privacy will probably surprise most FB users.

    13. Re:How convincing is the quiz? by kelnos · · Score: 1

      Except that's not true, at least on the surface. Settings -> Privacy -> Applications, Settings tab:

      "You can use the controls on this page to limit what types of information your friends can see about you through applications. Please note that this is only for applications you do not use yourself:"

      And there's a list of about 20 checkboxes that allow you to restrict what applications *that your friends add* can see about you. Whether or not it actually works is up for question, of course.

      Now, annoyingly, any app *you* add yourself gets access to all of your information, regardless of your privacy settings ("When you authorize an application, it can access any information associated with your account that it requires to work"). It would be nice to be able to semi-sandbox apps you add as well. (It does say that they never share contact information through the app platform, which is nice.)

      --
      Xfce: Lighter than some, heavier than others. Just right.
    14. Re:How convincing is the quiz? by tolan-b · · Score: 1

      I stand corrected. Either that wasn't there last time I adjusted my privacy settings, or I didn't see it.
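The two access rules argued over in this sub-thread, sketched as an added Python example (not part of any comment above and not Facebook's code): an app that simply inherits the privileges of whoever runs it, next to a check that also honours the data owner's setting for friends' apps and the app's declared needs. The users, field names, and the `friend_app_allowed` and `scopes` sets are constructed assumptions.

```python
"""Toy model of the app-authorization rules discussed in this thread.
All users, fields and values are constructed sample data; nothing here
calls or reproduces a real Facebook API."""
from dataclasses import dataclass, field


@dataclass
class User:
    friends: set = field(default_factory=set)
    # field name -> audience: "public" or "friends"
    profile: dict = field(default_factory=dict)
    # fields the owner lets apps run by *friends* read (hypothetical setting,
    # modelled on the per-field checkboxes described above)
    friend_app_allowed: set = field(default_factory=set)


# Constructed sample graph: mum <-> alice <-> bob (mum and bob are not friends).
USERS = {
    "mum": User({"alice"}, {"name": "public", "birthday": "friends"}),
    "alice": User(
        {"mum", "bob"},
        {"name": "public", "birthday": "friends",
         "politics": "friends", "photos": "friends"},
        friend_app_allowed={"name"},
    ),
    "bob": User({"alice"}, {"name": "public", "photos": "friends"}),
}


def viewer_can_see(viewer, owner, fname):
    """Ordinary privacy check: what a logged-in person may view."""
    audience = USERS[owner].profile.get(fname)
    if audience is None:
        return False
    if viewer == owner or audience == "public":
        return True
    return audience == "friends" and viewer in USERS[owner].friends


def delegated_read(runner, owner, fname, scopes):
    """Rule described in the thread: the app acts with the full privileges
    of the user running it, so the owner's wishes about apps never enter."""
    return viewer_can_see(runner, owner, fname)


def owner_gated_read(runner, owner, fname, scopes):
    """Stricter rule: the runner must be able to see the field, the app must
    have declared a need for it, and for someone else's data the owner must
    have allowed friends' apps to read it."""
    if not viewer_can_see(runner, owner, fname):
        return False
    if fname not in scopes:  # least privilege: undeclared fields are denied
        return False
    if owner != runner and fname not in USERS[owner].friend_app_allowed:
        return False
    return True


def sweep(runner, can_read, scopes):
    """Everything one app session can read about the runner and their
    friends under the given rule, as {owner: [fields]}."""
    seen = {}
    for owner in sorted({runner} | USERS[runner].friends):
        fields = sorted(f for f in USERS[owner].profile
                        if can_read(runner, owner, f, scopes))
        if fields:
            seen[owner] = fields
    return seen


if __name__ == "__main__":
    quiz_scopes = {"name"}  # a quiz needs little beyond a display name
    print("delegated  :", sweep("mum", delegated_read, quiz_scopes))
    print("owner-gated:", sweep("mum", owner_gated_read, quiz_scopes))
```

Under the delegated rule, alice's friends-only fields reach the app although alice never ran it; under the gated rule the same session gets only what alice allowed and the app declared.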

  8. Solution by Anonymous Coward · · Score: 1, Funny

    I solved this problem by filling my facebook profile with blatant lies.

  9. Yes, ordinary people are stupid regarding privacy by RIpRapRob · · Score: 5, Interesting

    But here is what Facebook tells their users:

    Facebook Principles

    ...

    We understand you may not want everyone in the world to have the information you share on Facebook; that is why we give you control of your information.

    ...

    Facebook follows two core principles:

    1. You should have control over your personal information.

    Yeah, there is a lot of 'small print' too, but why wouldn't the average user expect the information they put on Facebook to be private, unless they change some (default) setting?

  10. Facebook: by gurps_npc · · Score: 0, Troll
    Step 1. Invade everyone's privacy completely.

    Step 2. ?????

    Step 3. Profit!!!!

    ========

    Wait, let me clarify

    Step 2 = Blackmail

    --
    excitingthingstodo.blogspot.com
    1. Re:Facebook: by TheVelvetFlamebait · · Score: 2, Funny

      Don't look now, but I think they achieved Step 3 without Step 2.

      --
      You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
  11. Ironic by Kral_Blbec · · Score: 1

    Anyone else find the Facebook link in the article funny?

    1. Re:Ironic by Chees0rz · · Score: 1

      Yes. I added the application in order to check it out. I'm drowning in irony.

  12. TFA by Magic5Ball · · Score: 2, Interesting

    QUESTION 1: When you take a quiz on Facebook, what can the quiz see about you?
    Only your answers to its questions.
    Only information that is set as "public" on your profile.
    Almost everything on your profile, even if you use privacy settings to limit access.

    Correct!

    Even if you have your profile information and content set to "private," quizzes can see almost everything that you share with your friends on Facebook: your politics and religion, embarrassing photos, comments you leave on your friends' Wall. It doesn't seem like a quiz developer has any reason to poke around in your profile, but it's temptingly easy to do so.

    For example, here are just a few things this quiz can see in your profile:

    [Random stuff from your own profile. *Some data/counts in aggregate*]

    QUESTION 2: What info about you can a quiz see when your friends take a quiz?
    Nothing at all, unless they use your name in an answer somehow.
    Only information from your profile that is visible to everyone on Facebook.
    Almost everything on your profile, even if you use privacy settings to limit who can see that information.

    Correct!

    Yes, that's right: when your friend takes a quiz, the quiz maker gets access to your information! So even if you're being careful, if you haven't changed the right privacy settings, your information could be collected by anyone who writes a quiz that your friends take!

    Check out what this quiz can see about some of your friends (loads slowly - give it a sec!):

    [Random stuff from your friends' profiles. *Some data/counts in aggregate*]

    QUESTION 3: There must be safeguards somewhere, right? My information is safe because:
    Facebook's default privacy settings prevent application developers from scouring my information.
    Facebook carefully screens developers to ensure that they are trustworthy and requires that they post and comply with a privacy policy.
    Facebook uses technical measures to limit how developers collect and use personal information.
    None of the above - and that's a real problem.

    Correct!

    The only protection Facebook offers by default is its Terms of Service, which state that developers must collect only the information that they need and use it only in connection with Facebook.

    But all it takes to be a developer is an email address, and so few of even the top developers have a privacy policy at all, it's hard to believe that Terms of Service will hold them back if they want to collect information, and (as this quiz has shown) they can access a lot of it.

    And once details about your personal life are collected by a quiz developer, who knows where they could end up or how they could be used. Shared? Sold? Turned over to the government?

    QUESTION 4: OK, that sounds like a real problem. So what should I do?
    Give up and quit Facebook forever.
    Resign myself to losing control over my personal information.
    Demand the right to control my information without sacrificing the right to use new technology.

    Of course you know the answer: take a stand and demand control!

    What's going on with these quizzes just isn't right. It's time for Facebook to upgrade its privacy controls so that you decide who gets to see your personal information.

    That's where you come in. As we've seen before, Facebook does respond when users protest. So we need to make some noise!

    * Update your own privacy settings.
    * Share this quiz on Facebook and encourage your friends to take it!
    * Sign our online petition and tell Facebook that you want more control of your own information.
    * And, finally, help the movement grow by becoming a fan of the dotRights campaign and voting for our "The Secret Lives of On

    --
    There are 1.1... kinds of people.
  13. Oh, Facebook's lack of security by KarmaRundi · · Score: 1

    From the title, I thought it exposed the social anxiety and fears of users (which in many cases it might end up doing, but that's not what the original post is about).

  14. Is the ACLU recommending surgeon general's warning by schwit1 · · Score: 1
  15. There is no insecurity at all. Move along. by SecurityGuy · · Score: 0, Troll

    Facebook and its apps work exactly as advertised. It is a site that's ALL ABOUT SHARING INFORMATION, and guess what, that's what it does. When you take a quiz or use an app, it tells you you're granting it access to lots of stuff. I forget the exact wording, but none of this is a surprise. It takes all of a few minutes looking through the developer docs to see that if you write an app, you get access to, well, yeah, everything.

    The problem here is that some people sign up on a site that exists to share personal information, run apps that give away personal information and tell you they're doing it, and are then surprised.

  16. Irony by Anonymous Coward · · Score: 0

    Grow. The. Fuck. Up.

    This is an interesting sentiment to present by such juvenile means.

    1. Re:Irony by Anonymous Coward · · Score: 0

      OMG! SRSLY!!!

  17. Anonymous Coward by Anonymous Coward · · Score: 0

    I don't get this... the whole Facebook thing (in every single little aspect)...

    At the end of the day, people seem to conveniently forget that Facebook is a COMPANY that exists to make MONEY.
    Further, the Company's BUSINESS MODEL is entirely built around selling YOUR DATA.

    If Facebook was to "privately protect" this data, as its users seem to insist they should - How are they supposed to make MONEY?
    Do you have an alternative Business Model for them?

    Thus the lesson ~
    If you don't like Facebook's Business Model - of selling your data - then take your business elsewhere (like MySpace, Friendster et al)... it's a FREE MARKET.

    Beyond all this... if people cry they really need Facebook to keep in contact with "Friends"... well I think they've got bigger problems... like possible problems involving their personal interactions with society.
    Facebook isn't for making friends... it's for people who have no social skills, and want to PRETEND that they're POPULAR, and pretend to have friends.

    In short, Reality sucks, LSD is illegal... and so many people need their little Facebook fantasy world to escape to.

    1. Re:Anonymous Coward by Anonymous Coward · · Score: 0

      Facebook isn't for making friends... it's for people who have no social skills, and want to PRETEND that they're POPULAR, and pretend to have friends.

      Methinks thou dost protesteth too much.

    2. Re:Anonymous Coward by Seumas · · Score: 1

      People like you really confuse me. I suspect you have very few social interactions in your life, because you fail so readily at comprehending how other people interact. News-flash, people tend to associate with a LOT of people in their lifetime and many of those people do not live nearby. Colleagues, school chums, friends, relatives, people with shared interests, etc.

      Like any social network, there's a lot of attention-whoring. Both of the commercial variety and the "OMG I have 400 friends!" variety. There's also simply a lot of "this is my social circle and rather than emailing everyone individually or chatting on the phone with each of them every day, we can all casually share information and updates and events in a group fashion".

      Regardless of people's use of the service, their expectation of privacy is entirely reasonable and reinforced by the assertions made by the site and the nature of the site (not being entirely open, like on Myspace, for example).

      The argument from people like you only seems to be applied in these particular cases, because you assume everyone on Facebook is an attention whore and you hate attention whores (well, who doesn't?) and therefore, anything you would otherwise be up in arms about is okay when it's done to people you hate.

      After all, if being a corporation driven by cash makes exploitation of your private data acceptable in this way, then you should have no problem with ANY organization you patronize -- doctor to bank to cable company to television repair service --- handing your information out left and right.

      Your personal and social issues seem to be the driving motivation behind your conclusions here, because for all intents and purposes, it's "you have no social skills and I hate social networks, so fuck you and your privacy!". Which is just stupid. I value your privacy, because I value my own privacy. Even if you're a fucking idiot.

  18. Hypocrisy. by Anonymous Coward · · Score: 0

    I like how so many comments say something along the lines of: "Normal people are stupid, they were warned, they deserve to lose access to public information." I'm not even going to start on why that's such a horrible attitude, I think everyone should know that. I just hope none of you are engineers, and if you are god knows you have no right engineering anything for anyone.

    But I am going to draw one comparison here. What if this was Microsoft doing it? Wouldn't all of Slashdot be up in arms?

    Quite simply, facebook apps seem to be designed specifically to violate your security. Anyone can get your pictures or your posts from a simple quiz game, when it's not needed. Why can't facebook just tell us specifically what parts of our profile the app is going to use, instead of giving some kind of ominous warning saying that it will have access to basically all of your data. If you are truly interested in protecting someone's data, then that's a simple design decision, something that should have been obvious to anyone who was designing the facebook app architecture. It seems far more likely that it was not put in, on purpose. God knows why.

    In fact, I wouldn't be surprised if most of the data on facebook has been cached on 3rd party servers many times over thanks to apps like the quiz one. The worst thing is, facebook is clearly an accomplice and some people are just too busy feeling superior to notice. And I thought slashdot was about protecting people's rights online?

  19. Re:There is no insecurity at all. Move along. by Anonymous Coward · · Score: 1, Interesting

    One thing that scares me about them is that a few months ago their list suggesting people for me to add as friends changed wildly, and included people I didn't recognize. I did a search, and it turns out that many of these people were ones I had had one email exchange with a couple of years ago using my Hotmail account -- the account I used for my Facebook account. If these oddball suggestions had happened over the course of time, I could understand it being the other people letting facebook pillage their email for addresses and then suggesting us to each other; however, since it happened all at once, the only conclusion I can come to is that Facebook must have made a deal with Hotmail to get access to associated addresses. I never gave Facebook permission, my password is definitely not the same for Facebook as it is for Hotmail, and people contacted via my main email account -- which thankfully is not Hotmail -- have not shown up on this suggestion list.

  20. Seriously? by lluBdeR · · Score: 1

    Why are people getting so worked up about this? It's not like the information applications can access has been posted here for years or anything...

  21. TFTFY by denzacar · · Score: 2, Insightful

    Not that your information is in the hands of the facebook staff. That can be scary, but the facebook people, like google, have demonstrated a fairly reasonable approach to exploitation of personal information.

    The problem is that it's in the hands of all of your "friends" and family. If there's any aspect of your life that should remain off the internet, never share it with a facebooker.

    Facebook friends are often not even acquaintances. They are not your friends, no matter how Facebook refers to them.

    --
    Mit der Dummheit kämpfen Götter selbst vergebens
    1. Re:TFTFY by Anonymous Coward · · Score: 1, Insightful

      Agreed. Thus the quotes around "friends". The "friend" relationship is not akin to real social relationships--too static and black or white on information control. And Facebook, etc. are now popular enough that enough people who use it in different ways are having culture clashes. The extroverted, "my life is an open book, and so is what I know about yours" and the more introverted, "this is just a handy way to keep up with my 3 best friends" groups are squabbling and the "my information is private. I'll give away yours for a free smiley icon" people are irritating everyone. Especially since that last group are usually the people who click on executable attachments and forward them to their whole contact list.

    2. Re:TFTFY by daveime · · Score: 1

      Facebook friends are often not even acquaintances. They are not your friends, no matter how Facebook refers to them

      Surely that is up to the user who adds 1000 people who they once exchanged "lol" with, and now consider them as friends?

      How simple can it be ? If you don't want strangers seeing your sensitive info, either don't post the fucking sensitive info in the first place, or don't add strangers just because they once said "lol" at one of your comments.

      This whole "friend of a friend" thing is nonsense too. In the real world, you tell a juicy bit of gossip to 1000 strangers, for sure, they're going to repeat that gossip to people you don't even know.

    3. Re:TFTFY by Thuktun · · Score: 1

      Facebook friends are often not even acquaintances. They are not your friends, no matter how Facebook refers to them.

      That sounds more like User Error to me.

    4. Re:TFTFY by denzacar · · Score: 1

      Not up to the user.

      Just like you don't get to rename Happy Meals at McDonald's.
      So just as 3-year-olds get to associate hamburgers with happiness, all users big and small get to subconsciously associate Facebook with friendship and think of other facebookers as friends.
      Isn't newspeak great?

      To think that MSN's messenger is a positive example, calling other people "contacts".

      --
      Mit der Dummheit kämpfen Götter selbst vergebens
    5. Re:TFTFY by Thuktun · · Score: 1

      Since you've hopped metaphors...

      If it became the rage for adults to buy McDonald's Happy Meals, one does not get to blame McDonald's for misrepresenting an adult meal as a kid's meal. It remains a kid's meal that's being used for something other than its intended purposes. If those adults then begin to complain that the Happy Meal doesn't provide enough food, that's also not McDonald's fault.

      Similarly, Facebook friends were created for linking up with FRIENDS, not random strangers you momentarily think you like. If this assumption is violated, other downstream assumptions will also be violated.

    6. Re:TFTFY by denzacar · · Score: 1

      Those aren't metaphors. Those are facts. Analogies at best.
      HappyMeal IS a McDonald's product that is aimed at kids and uses the word "Happy" in its name.
      Friends IS the name Facebook uses for your "contacts" on Facebook.

      Had I said something like... e.g. "Facebook is a McDonald's of social relationships..." - THAT would have been a metaphor.

       
      The problem I am referring to lies not in user's faulty use of clearly labeled products (adults raving about kid's meals) and resulting dissatisfaction.
      If it says "HappyMeal" on the box and it has clowns, puppies, kittens and rainbows on it, and you get a toy inside - it is not the restaurant's fault you are hungry after eating one of those while a "regular" hamburger with the same price contains more food and fewer toys.
      Nor is it Facebook's problem that you can't discern between a random stranger, an acquaintance and a friend. They are not in the business of "dealing" or "ensuring" or "providing" friendship.

      The problem is in the semantic connotation those words contain.
      Happy, friend, love, good, nice, kind, positive, beautiful, best... All those words are "good" words. Positive words.
      They have inherent connotations and meanings that we react to on a subconscious level.

      E.g. Imagine a situation where you open your inbox and among "messages", you find one titled "love letter", but when you've opened it, it turns out to be "hate mail".
      Same e-mail, but it goes from neutral, through positive to negative based on the labels I gave you for it (I gave no indication who it is from, or what is in it).
      The old "It's not WHAT you say, but HOW...".

      Everyone and anyone on Facebook is "friendly". They all want to be your "friends". They are all "good".
      Now... Imagine facebook changing "friends" to "strangers". Uuuuh... the connotations.
      Just gives you the chills, right? You wouldn't let "strangers" look at your photos, would you? Where are those privacy settings?
      How about "colleagues"? Or "buddies"? Or "acquaintances"? Or "people"?

      --
      Against stupidity the gods themselves contend in vain
  22. Missing the point by CarpetShark · · Score: 1

    Public information is public. News at 11.

    This is hardly the point. The main point is that people WANT TO and SHOULD be able to publish their information to those they choose, without it being spread to those with interests other than friendship. Normally, the only major leak in this is if you can't trust your friends. Now, there is also a leak in the basic communication infrastructure we're using. People are simply arguing that social networks like facebook have a certain responsibility to be trustworthy, just like friends do.

    The other problem is that the information you publish is no longer just that. It can be combined with the information your friends publish, interpolated, and projected back at you, to find out things about you that you DIDN'T publish. For example, if you said you went out with Tina tonight, and Tina said she went out with you and Joe, and Joe said that he went to a nudist colony tonight, then suddenly you just published that you went to a nudist colony.

  23. Re:Really? Really! by runningduck · · Score: 1

    Just like at the doctor's office; if you let others see your junk or take pictures using their network connected fancy junk picture taking machines then it's on the network for everybody on a network to see.

    --
    -rd
  24. Re:There is no insecurity at all. Move along. by ElKry · · Score: 1

    The same happened to me. And also, all of them are related to one hotmail account, and one that is NOT the one I'm using on facebook, which is even scarier. I wonder if someone has more insight in this...

  25. big deal by binaryseraph · · Score: 1

    Like most of the posts say above this one - this is not a big deal. We are not talking about a critical flaw in an OS that will cause potential data leaks from government systems, nor is this a flaw in the design of a massive medical or credit card system. We are talking about a website that 1. you have to go out of your way to sign up for and 2. lets you throw digital water balloons at your friends, or make comments about their mom for everyone to see. From a technical standpoint it is a little interesting, perhaps, though just another exploit in some buggy code. Someone said it best above here: what is posted public will remain public. Facebook is not a means of secure or private communication.

    1. Re:big deal by Seumas · · Score: 1

      Your apartment isn't a secure and bug-swept panic room, either, but you are right to have some expectation of privacy and security within it. If none of this is an issue, then it should be made clear when people sign up how their information is going to be used rather than "we give you the ability to control your information and privacy" and have options like "private" or "friends only" that aren't really private or friends only.

      I understand that some people can only see social networking sites as a means for playing retarded flash games with each other and sniffing each other's virtual crotches, but that's not the case for everyone and your opinion of them isn't really relevant to the validity of the complaint over the violation of implied privacy when you sign up.

      Think of it this way -- Slashdot has an option for you to post comments as an Anonymous Coward. That implies some degree of anonymity. Does it guarantee it? No. Does it prevent you from being exposed should someone break into the servers and abscond with the database that ties identities to posts? No. But does it imply that you could post a message as an Anonymous account and not have it intentionally exposed by Malda and gang to everyone on earth for exploitation however they see fit? Yes. Should you be pissed off if they did that? Yes.

      Look, I understand that everyone is a geek and therefore anything social should be ridiculed. Especially when it's "online" because then not only are social people being social, but they're doing it on "our" turf while we're naked in our basements jerking off to a Chun Li poster -- but how about we step away from that for a bit and focus on the implications of exploiting data that users are told is kept private and protected in the first place? Not exploited by evil crackers looking to trade the information on the black market for a few thousand credit card numbers, but by the organization itself which is implying privacy of your interactions.

      And as I've said several times so far -- if it's okay to have their information exposed and exploited on Facebook, then why not on Amazon, Google, your banking service, Paypal, eBay, your doctor's office, your library, your employer, your cable company, power company, telephone company, ISP and anyone else? Each is an entity providing a service and in most cases seeking a profit. So hey, anything goes, right?

  26. someone else? by Anonymous Coward · · Score: 0

    Don't publish/post anything that you wouldn't want made public.

    Simple enough, people? Seriously.

    And if someone else posts it, then what?

  27. Re:There is no insecurity at all. Move along. by Ambiguous Puzuma · · Score: 1

    Not quite--

    The problem here is that some people sign up on a site that exists to share personal information, and their friends run apps that give away personal information and tell them they're doing it, and are then surprised.

    THAT is the problem as I understand it: apparently you can't deny information to apps that your friends have authorized but you have not.

  28. Re:There is no insecurity at all. Move along. by donatzsky · · Score: 2, Informative

    Actually you can:
    http://www.facebook.com/home.php#/privacy/?view=platform&tab=other

    Simply untick all the boxes there.

  29. Facebook "security" is a joke by speedtux · · Score: 1

    Facebook might as well be regular web pages out in the open.

    However, I don't see what the ACLU has to do with any of this.

  30. Tracy sure didn't get it... by speedtux · · Score: 2, Funny

    Tracy apparently had some trouble with the concept of "privacy" (or lack thereof) on Facebook...

    1. Re:Tracy sure didn't get it... by Anonymous Coward · · Score: 0

      Dude...somebody figured out Tracy's password (probably from being the same as on another site that got hacked). This person went and messed with Tracy's FB account. If you had seen her page, all kinds of activity (like setting her relationship status to "engaged") all happened that day.

      dom

    2. Re:Tracy sure didn't get it... by Anonymous Coward · · Score: 4, Informative

      Tracy's account was hacked by 4chan.

      4chan hacked a Christian dating site, and got a list of details and passwords contained on its servers in plaintext. Not sure of the details (whether the users of the site just had the same passwords for that and facebook or if some other step was involved), but they used this to gain access to hundreds of facebook accounts.

      They then proceeded to do their typical 4chan thing and post fake messages, porn, goatse, "coming out" messages etc. on all the compromised accounts. This was one of them.

      Don't blame Tracy. She didn't post that.

      Blame the Christian dating site for insecurity.

      Blame 4chan for being 4chan.

  31. Disabled by magloca · · Score: 2, Informative

    Seems the app has already been disabled. Apparently, there's something in the terms you have to agree to to write an app about not collecting more info than necessary. And presumably, Facebook felt that this one did. Or maybe they thought they could distance themselves from the embarrassment. Who knows.

  32. Re:There is no insecurity at all. Move along. by Ambiguous Puzuma · · Score: 1

    Ah, I stand educated. Thank you.
    If that page works as advertised, it needs to be displayed more prominently here. (Mod parent up?)

  33. Facebook/Firefox fail by Animats · · Score: 3, Informative

    That Facebook quiz page puts Firefox 3.5 into a loop at:
    "Script: file:///D:/Program Files/Mozilla Firefox/modules/XPCOMUtils.jsm:260"

    FAIL.

    1. Re:Facebook/Firefox fail by commodoresloat · · Score: 2, Insightful

      So it's impossible to take a Facebook quiz using Firefox 3.5?

      That's a feature, not a bug.

  34. Re:There is no insecurity at all. Move along. by Seumas · · Score: 2, Insightful

    You miss the point of Facebook, entirely. It's about sharing information with a controlled group of people you have chosen; not every person on the planet who wants it. The problem here is that a site promotes itself as a place you can associate and communicate with a selected community of people that you have individually selected and granted access to and all of its literature promotes the ability for YOU to have CONTROL over your information and interactions (otherwise, they'd just keep using Myspace or something else) while actually violating the implied spirit of everything users sign up for.

    Also, I'm glad you feel that violating the entire premise of your service is okay as long as you post it in your Developer API documents that I'm sure everyone's mom and grandparents read before signing up to the service.

  35. Re:There is no insecurity at all. Move along. by Jeremi · · Score: 1

    Simply untick all the boxes there.

    Hmm. "You are unable to fully opt out of sharing information through Facebook platform because you are currently using applications build on Platform. To enable this option, you need to remove any applications you have added, and remove your permissions to all external applications that you may have used".

    Sounds like you can have either privacy, or the use of FaceBook applications, but not both.

    --
    I don't care if it's 90,000 hectares. That lake was not my doing.
  36. Re:There is no insecurity at all. Move along. by bhartman34 · · Score: 2, Insightful

    Facebook and its apps work exactly as advertised. It is a site that's ALL ABOUT SHARING INFORMATION, and guess what, that's what it does. When you take a quiz or use an app, it tells you you're granting it access to lots of stuff. I forget the exact wording, but none of this is a surprise. It takes all of a few minutes looking through the developer docs to see that if you write an app, you get access to, well, yeah, everything.

    The problem here is that some people sign up on a site that exists to share personal information, run apps that give away personal information and tell you they're doing it, and are then surprised.

    No, that's not the problem. The problem is that when Facebook creates a privacy setting that says "Only Friends" can view the information, that's exactly what should happen: Only friends should be able to see it. It's true that the applications all have a disclaimer saying that they can see and use friends' information, but one can easily understand the cognitive dissonance created when Facebook, on the one hand, tells you that you can designate information as private, and on the other, allows applications to violate that privacy without your giving it that permission. It's one thing if an app can access the "private" information of the person taking the quiz. It's quite another when it gets access to the personal information of people who didn't take the quiz, didn't give the app in question the rights to the "private" information, and thought they were doing "all the right things" by restricting their private information to only their friends.

    The cornerstone of privacy is informed consent.

  37. Oh NOES by /dev/trash · · Score: 1

    Someone I don't know is gonna see that I told a friend I really loved Brazil!

  38. Is "abject insecurity" what you get when... by jeffb (2.718) · · Score: 1

    ...you combine object-oriented and aspect-oriented development?

  39. Re:Yes, ordinary people are stupid regarding priva by m50d · · Score: 1

    "Private" as in "not accessible to anyone"? That would rather defeat the point of putting it there. The default is perfectly reasonable: your information is visible to people you have declared to be your "friends" - and obviously, they may feed the information you've given them access to, to anyone or anything else.

    --
    I am trolling
  40. Linux App Exposes Abject Insecurity by minsk · · Score: 1

    Now, a developer has written a Linux 'Utility' based on the Facebook paranoia, which graphically illustrates all the information a normal application can get its grubby little hands on. It opens your e-mail, and prints out all the stuff your friends have sent you. Then it opens your IM program, and prints out all your friends' profiles. And their web sites. And, like, OMG, the links to their favorite games they sent you!

    Seriously folks. We're getting riled up over the idea that applications run with the privileges of their users? And that they can access the same data their users can? That this is somehow novel because it involves a few web services?

    Stop. Please.

    Enabling least-privileged security within FB would likely be pretty easy. Getting each app author to include a declarative description of the required information would probably be feasible. Actually communicating the requested information to end users would be a complete, utter, unmitigated nightmare. And don't even think about configurable levels of functionality, unless you want runtime errors out the wazoo.

    1. Re:Linux App Exposes Abject Insecurity by bhartman34 · · Score: 1

      Now, a developer has written a Linux 'Utility' based on the Facebook paranoia, which graphically illustrates all the information a normal application can get its grubby little hands on. It opens your e-mail, and prints out all the stuff your friends have sent you. Then it opens your IM program, and prints out all your friends' profiles. And their web sites. And, like, OMG, the links to their favorite games they sent you!

      Seriously folks. We're getting riled up over the idea that applications run with the privileges of their users? And that they can access the same data their users can? That this is somehow novel because it involves a few web services?

      Stop. Please.

      That whizzing sound you just heard is the point of the uproar flying right by you.

      The point is, Facebook represents to users that they can set privacy levels, and that, at certain levels, only those friends they designate can see the information on their profiles. It's obvious to anyone who thinks about it for 10 seconds that an application that runs with a user's privileges can see everything that user has in his/her account. The problem is that such an app should not be able to see everything that user's friends have designated as private, because that app is not anyone's "friend". If you "friend" someone on Facebook, you don't automatically get to see all the information in the profile of all their friends. The Facebook apps shouldn't get higher privileges than actual human beings. Is that really so hard to grok?

    2. Re:Linux App Exposes Abject Insecurity by minsk · · Score: 1

      The problem is that such an app should not be able to see everything that user's friends have designated as private, because that app is not anyone's "friend".

      Again, unlike real applications. Where the application gets all the access of the running user.

      The Facebook apps shouldn't get higher privileges than actual human beings.

      I see no indication that this particular piece of paranoia is true. Please point me to evidence that a friend's application can ever have more access than the friend does.

    3. Re:Linux App Exposes Abject Insecurity by bhartman34 · · Score: 1

      The problem is that such an app should not be able to see everything that user's friends have designated as private, because that app is not anyone's "friend".

      Again, unlike real applications. Where the application gets all the access of the running user.

      Again, you're missing the point. The app isn't the user him/herself. It's an application, and one being run from outside the friend's account, no less. "Only friends can see your profile" should mean "only friends can see your profile", not "Only friends and any apps those friends happen to run can see your profile." To put this in its simplest terms: I might be able to FTP into a friend's machine with the proper credentials, but that doesn't mean the machine should automatically run any programs as if I was my friend. I shouldn't be able to get into their Gmail account, for example. It's just lax security, and there's no excuse for it.

      The Facebook apps shouldn't get higher privileges than actual human beings.

      I see no indication that this particular piece of paranoia is true. Please point me to evidence that a friend's application can ever have more access than the friend does.

      Have you been paying attention? Let me explain it really clearly:

      1) Being someone's "friend" on Facebook only gives you access to their information. If their other friends have the right privacy in place, it doesn't give you access to theirs. (There are several people I know on Facebook who have friends whose profile information I can't see.)

      2) A Facebook app does see this private information, regardless of your privacy settings. That's the whole point of the article: You can have your privacy settings set up correctly, and you're still vulnerable if one of your friends runs one of these apps, because you can opt them in to the data gathering by proxy. Not only that, but application privacy settings are separate from profile settings, so just because your profile settings say "Only show my profile information to friends", this means nothing to applications.

      Facebook does have a page where you can fine-tune what your friends see through applications, but it's not at all clear from the explanation on the page whether you're hiding the information from your friends (which most people wouldn't want to do) or from your friends' applications (which a lot of people would want to do):

      You can use the controls on this page to limit what types of information your friends can see about you through applications. Please note that this is only for applications you do not use yourself:

      For all intents and purposes, then, in order to hide information from applications, you also have to hide that information from your friends. Which, not coincidentally, makes the whole exercise pointless.

      Basically, your argument could be rephrased as, "Well, of course that botnet software can infect your machine. What did you think was going to happen, when you let your friend e-mail you? Why would you ever give your friend your e-mail address?" The fact that I gave someone a "friend" designation shouldn't mean that any application they run should be able to data mine my information without my permission -- particularly if I've already denied that permission to anyone who isn't my friend (who, it's most likely, the application developer is not).

      Got it now?

    4. Re:Linux App Exposes Abject Insecurity by minsk · · Score: 1

      Let me summarize that, just to make sure we're on the same page:

      • Alice friends Bob
      • Charlie writes an app
      • Alice installs Charlie's app
      • Charlie's app gets access to all of Alice's data, private or not
      • Charlie's app also gets access to all of Bob's information that Alice can see.
      • Charlie's app could record or disclose this information to people other than as allowed by the FB privacy settings.

      This particular tempest seems to focus on the last point. If so, my initial comment should have been more caustic.

      First, "limit what types of information your friends can see about you through applications" is mind-numbingly obvious. If friend (check) tries to see (check) my information (check) through an application (check), it will work: No (button).

      Other usage of the information falls afoul of the application author's agreement with Facebook, and doesn't disclose more than the person running the application could anyway.

      The fact that I gave someone a "friend" designation shouldn't mean that any application they run should be able to data mine my information without my permission.

      Again, e-mails, IM profiles, web sites... any other time you give information to people, their applications could disclose it. Because, wait for it, APPLICATIONS RUN WITH THEIR PRIVILEGES.

      Stop inventing scare scenarios about remote infection.

    5. Re:Linux App Exposes Abject Insecurity by minsk · · Score: 1

      Quick correction: Unless I miss my guess, the API access setting also controls access from non-friends (e.g. network or arbitrary facebook user). So it probably ought to say "what types of information other people can see about you through their applications".

      Would double-check that, but I apparently can't connect to FB right now. And, well, work.

    6. Re:Linux App Exposes Abject Insecurity by bhartman34 · · Score: 1

      First, "limit what types of information your friends can see about you through applications" is mind-numbingly obvious. If friend (check) tries to see (check) my information (check) through an application (check), it will work: No (button).

      You might think that it's mind-numbingly obvious, but because of what's classified as an "application" under Facebook, it isn't, necessarily.

      Here are some of the things classified as "applications":

      Photos

      Links

      Video

      Notes

      That's a lot of information that "friends" would expect to have access to. It's very unlikely that someone would intentionally block their friends from access to this information intentionally.

      Again, e-mails, IM profiles, web sites... any other time you give information to people, their applications could disclose it. Because, wait for it, APPLICATIONS RUN WITH THEIR PRIVILEGES.

      You're still missing it. When Alice runs Charlie's application, it sends information to both Alice and Charlie, not just to Alice. That's the issue. Obviously, if Bob gave Alice friend status, Bob wants Alice to see the profile information, but that doesn't mean that Charlie should have that information, as well. And here's the distinction: Bob's information isn't in Alice's account. It's in Bob's. The fact that Alice and Bob are friends is in Alice's account, but Bob's information is still on the page attached to Bob's Facebook account. It's irrelevant that Alice is running the application with her own user privileges to Bob's account. The issue is that Alice is, by proxy, granting Charlie access into Bob's information, rather than Bob. Charlie should not be getting such access, because the application is running on Alice's computer, as Alice, not on Bob's. Bob is the only one who should be able to grant access to his own account information. The only way Alice should be able to let Charlie see anything on Bob's account directly is if Alice and Charlie were sitting together at her monitor.
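
The Alice/Bob/Charlie scenario argued over in the sub-thread above, as an added example that is not part of any comment and is not Facebook's code: a toy model comparing an app that inherits everything its runner can see with a scoped policy in which the app declares the fields it needs and the data owner must opt in. All names, fields and both policies are assumptions made for illustration.

```python
from dataclasses import dataclass, field

EVERYONE, FRIENDS = "everyone", "friends"

@dataclass
class User:
    name: str
    friends: set = field(default_factory=set)
    profile: dict = field(default_factory=dict)  # field -> (value, visibility)
    app_share: set = field(default_factory=set)  # fields the owner lets friends' apps read

@dataclass
class App:
    name: str
    developer: str
    scopes: frozenset  # fields the app declares it needs (hypothetical manifest)

def can_see(viewer, owner, fld):
    """Ordinary profile privacy check for a human viewer."""
    _, visibility = owner.profile[fld]
    if viewer.name == owner.name or visibility == EVERYONE:
        return True
    return visibility == FRIENDS and viewer.name in owner.friends

def read_ambient(app, runner, users):
    """Model from the thread: the app runs with the runner's privileges,
    so it receives every field the runner is allowed to see."""
    out = {}
    for owner in users:
        for fld, (value, _) in owner.profile.items():
            if can_see(runner, owner, fld):
                out[(owner.name, fld)] = value
    return out

def read_scoped(app, runner, users):
    """Least-privilege variant (an assumption, not a real platform policy):
    the field must be declared by the app AND visible to the runner AND,
    for someone else's non-public data, released by that owner."""
    out = {}
    for owner in users:
        for fld, (value, visibility) in owner.profile.items():
            if fld not in app.scopes or not can_see(runner, owner, fld):
                continue
            own_data = owner.name == runner.name  # runner consented at install
            if own_data or visibility == EVERYONE or fld in owner.app_share:
                out[(owner.name, fld)] = value
    return out

def build_demo():
    """Constructed sample data: Alice and Bob are friends, Dave is only Bob's friend."""
    alice = User("alice", {"bob"}, {"name": ("Alice", EVERYONE),
                                    "photos": (["a1.jpg"], FRIENDS)})
    bob = User("bob", {"alice", "dave"}, {"name": ("Bob", EVERYONE),
                                          "birthday": ("1980-01-01", FRIENDS),
                                          "photos": (["b1.jpg"], FRIENDS)})
    dave = User("dave", {"bob"}, {"name": ("Dave", EVERYONE),
                                  "photos": (["d1.jpg"], FRIENDS)})
    quiz = App("quiz", "charlie", frozenset({"name", "birthday"}))
    return alice, bob, dave, quiz

if __name__ == "__main__":
    alice, bob, dave, quiz = build_demo()
    everyone = [alice, bob, dave]
    print("ambient:", sorted(read_ambient(quiz, alice, everyone)))
    print("scoped: ", sorted(read_scoped(quiz, alice, everyone)))
    bob.app_share.add("birthday")  # Bob opts in to sharing his birthday with friends' apps
    print("scoped after Bob opts in:", sorted(read_scoped(quiz, alice, everyone)))
```
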

  41. Comment removed by account_deleted · · Score: 1

    Comment removed based on user account deletion

  42. Re:Yes, ordinary people are stupid regarding priva by RIpRapRob · · Score: 3, Insightful

    No, "Private" as in "only friends I have chosen to share information with", not as in "and every application that they are stupid enough to install".

    And you are missing the point

    No one is "feeding the information" to an application. The application is sucking the information without anyone being aware of it.

    The solution is simple:

    Whenever one of my friends grants an application access to my data, Facebook should ask me:

    "You have chosen NOT to share information with applications on Facebook. Your friend XYZ has now granted Application APP1 access to your profile. What would you like to do now?

    [ALLOW]---[BLOCK APP1 ACCESS TO YOUR PROFILE]---[REMOVE XYZ FROM FRIEND LIST]"

  43. Re:There is no insecurity at all. Move along. by Anonymous Coward · · Score: 0

    Yes, but the price you pay is not using any Facebook applications at all. It's stupid to make it such an all-or-nothing choice like that. It's not necessary, and in my opinion, this lack of a reasonable file permissions scheme is going to keep people (and businesses) from taking Facebook seriously as a platform.

  44. Well, Facebook tells you as much. by Anonymous Coward · · Score: 0

    I haven't clicked on an app recently, but it used to be that Facebook apps told you as much. Hehe, not only can they see all your personal info and whatever you can see of your friends' info, but the app can post content using your ID. Now that makes for some really funny possibilities. It's also why you see friends' accounts that are posting links to porn sites without their knowing... It's the beauty of the design.

  45. After installing this app/quiz on fb, it fails by idioto · · Score: 1

    I installed this app on facebook, and it was basically just a quiz; I expected more such as demonstrative proof.

    For instance, the point they are trying to make is that facebook apps such as quizzes can aggregate personal information about pretty much anyone regardless of privacy settings, however, they do not re-present the data that their quiz aggregates.

    Whoever posted this without knowing if it is affiliated with the ACLU on slashdot should validate their sources. I installed this app and I do not even in fact trust it. Irresponsible.

  46. Er... by brunes69 · · Score: 1

    So I decided to try to run this magic quiz that can get all my information without my consent. I click on the app, and up pops the standard facebook alert...

    Allowing "What Do Quizzes Really Know About You?" access will let it pull your profile information, photos, your friends' info, and other content that it requires to work.

    Allow or cancel

    I decided to click "Cancel". Oh damn, the quiz does not work now!

    Wow, facebook is TEH EVIL! how dare they ask me if I want to run the quiz or not!

    1. Re:Er... by brantondaveperson · · Score: 1

      Well that's dandy - and presumably had you chosen to click 'Allow' you would have sought permission from all your friends prior to doing so?

    2. Re:Er... by cetialphav · · Score: 1

      I think many people would make the reasonable assumption that the app will only get the information that is required for it to work. That is what the warning says, after all. But that is not true. The app has full access to everything you can see, whether it needs it or not. Why in the world should a stupid poll need to see my (and my friend's) photos?

      This is the crux of the problem. It suggests apps have limited access (based on need) when they really have unfettered access. I assume that the bar to become a Facebook developer is quite low so who knows what kind of low lifes are developing stupid 80's movies quizzes and collecting information on people who never even agreed to take the quiz in the first place.

  47. Moreover.. even if you do find your picture posted by Animaether · · Score: 1

    Moreover.. even if you do find your picture posted, the moment you ask that somebody remove it, you are likely to incite the Streisand Effect; and even 'the Slashdot crowd' will point and laugh at you and help disseminate the picture you asked somebody to take down.

  48. This is not lack of security by rastoboy29 · · Score: 1

    This isn't anything like pwning you but just showing that the data you shared is...shared. 

  49. No joke! by Anonymous Coward · · Score: 0

    If you too would "click here" to find out what your friends' friends said regarding whether they thought you had a habit of picking your nose or not, then you're probably pretty insecure.

  50. Not entirely FB's fault by Asadullah Ahmad · · Score: 1

    When users click "Allow X App to access my profile" for the most stupid of polls and quiz applications, I don't think Facebook is to be blamed. Once again, Internet is most insecure for people who don't care about protecting their privacy, and the rest know when and how to protect themselves.

    1. Re:Not entirely FB's fault by ewhac · · Score: 1

      That's fine as far as it goes, but it fails to consider that Facebook "apps" are the undisclosed third party in the room, who can abscond with anything and everything on your profile.

      You may wisely choose to never be friends with "SociopathicStalker53" and thereby keep your information away from them. But if they write a cutesy "quiz" that one of your friends decides to run, despite your precautions you're fscked anyway.

      And this state of affairs is entirely Facebook's fault, because it's baked in to the underlying design.

      Schwab

    2. Re:Not entirely FB's fault by Asadullah Ahmad · · Score: 1

      That is indeed Facebook's fault. At the very least, applications being used by your friends should only be allowed to access the information which has been set to be visible to everyone. I was partially under the impression that this was already the case.

    3. Re:Not entirely FB's fault by Archon-X · · Score: 1

      It technically is the case - FB has very strict regulations about what you can and can't keep, and for how long.
      Essentially, any personal information outside of a user's username is 'illegal' to keep for more than 24 hours.

      This includes name, birthday, relationships (friends, friends of friends, etc), photos, posts, updates, etc.
      This also covers your app pulling that information and prefilling forms with it.

      However, it's obviously impossible to police all of this: if you as a viewer can see information, then the app w/ similar permissions can see it too.

  51. Some pointless advice indeed by xixax · · Score: 1

    Or: Your privacy is only as good as the aggregate social stupidity of your friends.

    I created a bogus ID and my image has already been tagged numerous times by other people who know my fake name (so it pretty quickly becomes a rather thin alias). Unfortunately a social site that only has me on it is not very useful (unless I want to have the social life of John Kaczynski).

    This reminds me of a recent Onion article:
            "Google Opt Out Feature Lets Users Protect Privacy By Moving To Remote Village"
    http://larvatusprodeo.net/2009/08/17/video-of-the-day-from-the-onion-on-google-and-privacy/

    Xix.

    --
    "Everything is adjustable, provided you have the right tools"
  52. Re:Yes, ordinary people are stupid regarding priva by m50d · · Score: 2, Insightful

    No, "Private" as in "only friends I have chosen to share information with", not as in "and every application that they are stupid enough to install".

    That's drawing a distinction that doesn't exist. If you give a friend access to your profile they can do anything with that data; this just makes it more immediately clear.

    The application is sucking the information without anyone being aware of it.

    No; the friend will get asked when they run the application, effectively "do you want to give this access to anything you can see".

    --
    I am trolling
  53. Facebook is secure and private. by Colin+Smith · · Score: 1

    "it's that Facebook represents itself as secure and private to its users"

    They do?

     

    --
    Deleted
  54. Re:Yes, ordinary people are stupid regarding priva by RIpRapRob · · Score: 1

    The exact information you get when installing a Facebook application (could be some kind of game) is this:

    "Allowing [name of application] access will let it pull your profile information, photos, your friends' info, and other content that it requires to work."

    Note the "that it requires to work" part that I took the liberty of bold'ing.

    Do you really think the average user thinks, "Oh yeah, let me give this little game access to my friends' personal data, because it totally requires access to those data to work"?

    But the problem stands: Facebook promises me, as a user, control over my private data, but lets my friends - knowingly or unknowingly - overrule my control over my private data.

  55. Why not have the apps request limited rights by olliM · · Score: 1

    There would be a simple solution: have the apps state what rights they need through the API. Instead of:

    "Do you want to give this application the right to your profile?"

    Have a question:

    "Do you want to give this application the right to the following information:"
    - your name
    - your profile picture
    - list of your friends' names

    A quiz really doesn't need to know more than that; a photo editing application might need all your photos, etc. The API could also let the application developer write a short description of why such info is needed. An application that asks for too many rights would not get as many users - at least the smart users would be protected.

    1. Re:Why not have the apps request limited rights by DanJ_UK · · Score: 1

      It doesn't matter, it doesn't *need* to be a Facebook app. I wrote an application that did exactly as described above (including OCR to pull people's e-mails from their profiles), so that I could export my 500-odd friends from Facebook into a CSV file that I could then import into Twitter because Facebook doesn't have an option to export my contacts. *sigh*

      It didn't take long, maybe an hour or two to write and then an hour to refactor / test to iron out the quirks, which saved me a lot of extra hours I would have had to spend loading up 500 profiles to write out all my friends' details manually.

      --
      - Dan
    2. Re:Why not have the apps request limited rights by olliM · · Score: 1

      The point is that you ran your tool manually, with the intent of collecting all the data. Why would I or one of my friends run your tool for the benefit of an evil 3rd party?

      The problem described in the article is that Facebook apps like funny little quizzes get way more information than they need. I propose that application developers could opt to use only limited user info and get that fact recognized by Facebook. When Facebook asks you to grant the rights, apps that ask for too many rights would be suspect and get fewer users.
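
The two proposals made in this thread (an app declares the fields it needs, and an app run by a friend sees only what you made visible to everyone), modelled next to the inherit-the-runner's-view design the article criticises. This is an added example, not part of any comment and not Facebook's API; every name and all data below are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class Profile:
    fields: dict                                # field name -> value
    public: set = field(default_factory=set)    # fields visible to everyone
    friends: set = field(default_factory=set)   # user ids of friends

# Constructed sample data: bob runs a quiz, alice and carol never install it.
PROFILES = {
    "alice": Profile({"name": "Alice", "birthday": "1980-01-01", "posts": "friends only"},
                     public={"name"}, friends={"bob"}),
    "bob": Profile({"name": "Bob", "birthday": "1979-05-05"},
                   public={"name"}, friends={"alice"}),
    "carol": Profile({"name": "Carol", "birthday": "1985-03-03"}, public={"name"}),
}

def viewer_can_see(profiles, viewer, owner, name):
    """What the site shows a human viewer: own, friends' and public data."""
    p = profiles[owner]
    return viewer == owner or name in p.public or viewer in p.friends

def legacy_app_read(profiles, runner, owner, name):
    """Criticised design: the app inherits everything its runner can see."""
    p = profiles[owner]
    if name in p.fields and viewer_can_see(profiles, runner, owner, name):
        return p.fields[name]
    return None

def scoped_app_read(profiles, runner, granted, owner, name):
    """Proposed design: only declared fields, and for anyone other than
    the runner only fields that person marked visible to everyone."""
    p = profiles[owner]
    if name not in p.fields or name not in granted:
        return None
    if owner != runner and name not in p.public:
        return None
    return p.fields[name]

def exposure(read, profiles, runner):
    """Audit view: fields of users other than the runner that the app obtains."""
    out = {}
    for owner, p in profiles.items():
        if owner == runner:
            continue
        got = {n for n in p.fields if read(owner, n) is not None}
        if got:
            out[owner] = got
    return out

QUIZ_SCOPES = {"name", "picture"}   # what a quiz would plausibly declare
LEGACY = exposure(lambda o, n: legacy_app_read(PROFILES, "bob", o, n), PROFILES, "bob")
SCOPED = exposure(lambda o, n: scoped_app_read(PROFILES, "bob", QUIZ_SCOPES, o, n), PROFILES, "bob")
```

Under the legacy rule alice's friends-only fields reach the quiz although she never ran it; under the scoped rule only her public name does.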

  56. Remember... by SlashDev · · Score: 1

    WWW stands for the World Wide Web. There was no provision for security when protocols were originally written. Quit blaming Facebook and the like on insecurity. For whatever reason, people believe that if a website is well known, that the people running it will take good care of you. Quite the opposite.

    --

    TOP DSLR Cameras Reviews of the top DSLRs
  57. exactly how can I misuse this app? by Anonymous Coward · · Score: 0

    exactly how can I misuse this app?