Slashdot Mirror
Open Source Utilities For Facebook Privacy
dward90 writes "Two online projects will scan and edit Facebook privacy settings for maximum protection: ReclaimPrivacy (reclaimprivacy.org) and SaveFace (untangle.com). The article says: 'Several new applications have launched this week that are designed to easily reset a Facebook member's privacy settings, following new changes from the company that make a sizable chunk of profile content public by default when it was once kept under lock and key.'"
... or is it just a bad idea to be able to change privacy settings via Facebook's API? Couldn't some other site/service "open the flood gates" instead of locking them down?
RIP America
July 4, 1776 - September 11, 2001
What prevents these apps from keeping a copy of the info in their databases before changing the settings?
They run javascript on the facebook page, can they be used to steal my facebook password?
Account->privacy settings->Apps and websites Disable "Instant Personalization Pilot Program"
RTFM you moron. It plainly states on the download page that it resets all your settings to friends only.
No comprende? Let me type that a little slower for you...
You should sprinkle a lot of obscenities, pornographic pictures, and the most distastful things that you can find on your facebook pages. It will insure that other sites cannot use your information without losing their "safe for work" designations.
And that, my liege, is how we know the Web to be banana-shaped.
This new learning amazes me, Sir Zuckerberg. Explain again how a series of tubes may be employed to eliminate privacy.
Oh, certainly, sir.
Look, my liege!
[trumpets]
Facebook!
Facebook!
Facebook!
It's only a website.
Shhh!
Friends, I bid you welcome to your new home. Let us ride... to Facebook.
[singing]
We're Friends of the round table
We Poke when e're we're able
We do Farmville and play Mob Wars
With mousework impecc-able
We lurk around on Facebook
We tag and quiz our friends a lot!
[dancing]
We're Friends of the round table
Our Likes are for-mid-able
Though many times we're given gifts
That are fake and unuse-able
We're news-feed mad on Facebook
We check from mobile phones a lot!
[tap-dancing]
Oh, our Walls we cradle
Quite indefatigable
Between our posts we friend request
And pad our list where able
It's a busy life on Facebook
I have to push the 'Hide' a lot!
[outdoors]
Well, on second thought, let's not go to Facebook -- it is a silly place.
Right.
Right.
And now for something completely different!
Zuck: Yeah so if you ever need info about anyone at Harvard
Zuck: Just ask.
Zuck: I have over 4,000 emails, pictures, addresses, SNS
[Redacted]: What? How'd you manage that one?
Zuck: People just submitted it.
Zuck: I don't know why.
Zuck: They "trust me"
Zuck: Dumb f***s.
Cue an endless series of phishing sites: "Did you know that anyone on the internet can see things you post on your Facebook page? Just type in your username and password and we'll scan your profile to see if it's secure..."
I work in IT for a small police department, and recently have begun doing presentations for parents on Facebook and general online privacy, what steps can be taken and how to watch out for warning signs of problems. I'd say at least half the parents I talk to are completely unaware of what information is freely available online about their kids, if allowed to use such a site, or how much information their kids are making available online.
It only takes about 20 minutes to educate a neophyte, if they're willing to learn, how to lock down privacy on Facebook.... He said with a pained expression. One thing which never ceases to boggle my mind is the number of parents (and people in general) who really don't understand and don't CARE what information is out there, or what it can mean. ID theft, home intrusion, stalking, all that pretty much is "someone else's problem", producing enough SEP power to cloak an average sized nation.
While products like this are certainly useful, the bigger issue is education. If you're aware of the changes to FB and the like, setting security takes all of a minute. If you're unaware and someone tells you, and if you're not particularly inclined toward looking over security settings, it might take someone 10-20 minutes to go over them with you. If you just plain don't care, no amount of open or closed source software is going to make any difference whatsoever.
I wish it were that easy. I have the "Instant Personalization Pilot Program" disabled on my account, but FB Connect popped up on CNN Money this morning.
What did I do? I specifically blocked any URL containing "fbconnect". Problem solved. OmniWeb let me do this using RegEx, but I'm sure the same can be done with AdBlock.
Per Square Mile, a blog about density
SaveFace automatically goes through and sets your privacy to "Only Friends" for everything. This may undo certain privacy measures you've already taken. For example, I set up a Limited Profile friend list for people who don't need to have access to my e-mail addresses, screen names, etc and blocked those items for them. SaveFace went through and removed those restrictions, so any of my friends could see my e-mail addresses, screen names, phone number, etc.
This tool would work fine if everyone on your friends list are actually friends who you'd like to share all of this with. On the other hand, all those folks from high school I added don't need to be able to IM me, call/text me, or use my e-mail address for anything.
My mistake, that is only for 2-3 sites that use your FB id to store profile settings
However, the other sites seem to be taking the data with explicit permission from FB. See http://www.microsoftteched.in/
On the bottom right there is a FB app click on the privacy button in it, there is a 4-5 page long document, but since it is on facebook.com, I assume that it is only for selected partners, so it should be as safe as your data is on FB itself
http://www.facebook.com/help/contact.php?show_form=delete_account
It's not hard, just involved and convoluted. Facebook's settings are many, and some of them aren't in the obvious places. These tools make it easy to do what's time-consuming to do by hand.
See here under "Yes, Facebook can get you fired."
Mr. Fulmer and his wife made fun of a local church sermon in a podcast they posted online in 2005. Mr. Fulmer says it got so much attention, his boss listened to it, thought it was offensive and fired him.
The thing is, sharing things about yourself can be objectionable to an employer - and you don't know what they could be.
What may be completely harmless or even your God given right to say or do, may make you unhirable for an employer or even fired. Against the law in some cases - prove it. They can always find a legitimate and legal excuse to not hire you or fire you.
The best thing to do is pass on Facebook.
RIP America
July 4, 1776 - September 11, 2001
Is it really so hard to simply go through Facebook's privacy settings yourself and consciously set them to whatever you want (as far as that's possible)?
Yes, it really is "so hard". Intentionally so. Take a look at this NY Times graphic showing all the privacy settings options that exist throughout a Facebook profile. (Or, at least, the options the NY Times was able to find.) You can see that the options behave in inconsistent ways. You can set "maximum privacy" on one page without realizing that an option at a different level over-rides this (e.g. third-party ads may still have access).
To really insure maximum privacy, you not only have to navigate this maze of options (the NY Times graphic helps to make sure you've nailed them all), but you have to repeatedly re-check your settings since Facebook can (and does) change the settings interface (and thus the default settings) from time to time. So a previously "highly private" profile can have information leak unless you are actively checking whenever there are changes.
As I said before, this is probably intentional. Facebook would prefer to have more access to data and more ability to redistribute personal data for profit. So it is to their advantage if people don't have maximally-private settings. A plugin that actually produces a clean, sane, and useful privacy settings interface can thus make it much easier to control those settings. It also points out just had bad Facebook's settings and customization pages really are: you need third-party apps and newspaper flow-charts to make sense of them.
Even if you turn off instant personalization, facebook still knows every time you visit one of those partner sites. But NoScript (I leave scripts enabled globally) has a cute feature called Application Boundary Enforcer. Here's (some of) my config:
Site .facebook.com .facebook.com
Accept from
Deny
Site .fbcdn.net .facebook.com .fbcdn.net
Accept from
Accept from
Deny
Enjoy!
Using the ReclaimPrivacy page worked great, made appropriate suggestions and allowed me to one-click fix select privacy settings. After running my profile through the SaveFace tool, however, it actually loosened my privacy settings automatically (changed some things which were set as "Only Me" to "Friends Only"), and did so without allowing me to interact and with no prompt telling me what it was doing in advance, with no way to stop it.
For privoxy, I added the following to my user.action file:
{ +block{Facebook privacy invasions} }
http://api.facebook.com/restserver.php
http://www.facebook.com/connect.php/js/FB.SharePro/
http://www.facebook.com/ajax/connect/
http://www.facebook.com/plugins/
http://www.facebook.com/connect/
http://connect.facebook.net/
and saved.
"Knowledge is the only instrument of production that is not subject to diminishing returns" -Journal of Political Econom