Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Confirms Data Breach

Posted by timothy on from the you-like-this dept.

another random user writes "A researcher by the name of Suriya Prakash has claimed that the majority of phone numbers on Facebook are not safe. It's not clear where he got his numbers from (he says 98 percent, while another time he says 500 million out of Facebook's 600 million mobile users), but his demonstration certainly showed he could collect countless phone numbers and their corresponding Facebook names with very little effort. Facebook has confirmed that it limited Prakash's activity but it's unclear how long it took to do so. Prakash disagrees with when Facebook says his activity was curtailed." Update: 10/11 17:47 GMT by T : Fred Wolens of Facebook says this isn't an exploit at all, writing "The ability to search for a person by phone number is intentional behavior and not a bug in Facebook. By default, your privacy settings allow everyone to find you with search and friend finder using the contact info you have provided, such as your email address and phone number. You can modify these settings at any time from the Privacy Settings page. Facebook has developed an extensive system for preventing the malicious usage of our search functionality and the scenario described by the researcher was indeed rate-limited and eventually blocked." Update: 10/11 20:25 GMT by T : Suriya Prakash writes with one more note: "Yes, it is a feature of FB and not a bug.but FB never managed to block me; the vul was in m.facebook.com. Read my original post. Many other security researchers also confirmed the existence of this bug; FB did not fix it until all the media coverage." Some of the issue is no doubt semantic; if you have a Facebook account that shows your number, though, you can decide how much you care about the degree to which the data is visible or findable.

155 comments

  1. Phonebook by Nerdfest · · Score: 4, Insightful

    A friend sent me an email a couple of years ago saying "Did you know that you have your phone number on FaceBook?". I said "Yes, I also have it in the phonebook".

    1. Re:Phonebook by bondsbw · · Score: 4, Insightful

      Actually, I just looked and noticed that Facebook has my phone number. I don't remember ever giving it to them, since I specifically don't want them sending me text messages (I don't have a texting plan and each text is a charge).

      When I click to remove it, it says "You will no longer be able to use this phone to receive notifications or upload any photos and videos to Facebook."

      Perhaps they got my number because I installed the app on my phone? I just don't remember explicitly giving it to them.

      --
      All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
    2. Re:Phonebook by Anonymous Coward · · Score: 5, Funny

      Phonebook? Is that like an e-book on your phone?

    3. Re:Phonebook by Anonymous Coward · · Score: 0

      However, the way a phonebook is made makes it unfeasible to use it any way but going with one phone number at a time (and the tiny font of phonebooks are a pain for OCR, and even then you'd be scanning a single page at a time, and at most you only get the name of the owner of said line). This allows building up huge detailed databases in short amounts of time, besides in the case of land lines the phone would be probably listed among all the people using it, not just the owner.

    4. Re:Phonebook by alostpacket · · Score: 1

      I'd say the issue here is not connecting a number with a person but rather that many of these numbers are mobile phone numbers. This can lead to a significant amount of SMS spam, phishing and other nasty stuff. In the days of phonebooks, while there were robo-dialers and whatnot, the volume and availability of automating this kind of spam has increased exponentially.

      --
      PocketPermissions Android Permission Guide
    5. Re:Phonebook by Anonymous Coward · · Score: 0, Flamebait

      You're dumb so you blame Facebook? How Slashdot of you.

    6. Re:Phonebook by h4rr4r · · Score: 1

      You can buy these lists already made.

    7. Re:Phonebook by Anonymous Coward · · Score: 1, Funny

      You're rude so you blame people on Slashdot? How internet of you.

    8. Re:Phonebook by L4t3r4lu5 · · Score: 1

      Yeah, but scammers had to originally tear out pages and hand them to call reps, which was time consuming and man-hour intensive. Now all they have to do is slip them all into a modem call list and when you pick up, they have your home address and full name on screen and linked up ready to jump straight into "Hello Mr Fest. I am calling from Windows Techincal Support about your home computer. You currently reside at $address, correct?".

      It's like the bastard child of spear phishing and cold call scamming.

      --
      Finally had enough. Come see us over at https://soylentnews.org/
    9. Re:Phonebook by Crayon+Kid · · Score: 4, Interesting

      You probably don't remember this, but when you first started using the Facebook application on your phone you had to confirm your phone number. You probably got a text with a code you had to enter or something like that.

      You can remove the number, as you noticed, but I'd be really skeptical whether they actually remove it. I suspect they don't, since it's a great way of tracking people across multiple accounts. As you experienced yourself, people often forget that they made Facebook aware of their personal phone number at some point in time.

      Consider for example the case of someone who becomes more privacy-aware, closes their initial FB account then later opens another when where he is more guarded about who he friends and what he publishes. And he thinks he's leaving less of an online footprint... when in reality I bet FB is tying it all in with his previous account.

      --
      i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer
    10. Re:Phonebook by Anonymous Coward · · Score: 0

      They have had this sort of thing for years. You can buy lists already online. I had sever CDs of the things over the years. There are a few companies out there that this is their only product...

      This data breach is just another way scamers can get the number.

      My dad used to buy lists for his office that came in huge phonebooks of listed AND unlisted numbers. That has not gone away... It now is even easier to get the data on a DVD shipped to you. There are probably online soap and rest services for it...

    11. Re:Phonebook by Anonymous Coward · · Score: 0

      News For Idiots, Stuff that doesn't matter.

      I bought a US phone book on CD-ROM in a bargin bin in the 90s.

      Wow, you people here are dumb.

    12. Re:Phonebook by Thruen · · Score: 5, Insightful

      The phone book doesn't have my cell phone number, or most other peoples' cell phone numbers, but that is what Facebook has most of the time. The phone book doesn't have photos of me, my friends, and my family so as to positively identify me from anyone else in the world who might share my (relatively common) name. The phone book doesn't not allow me to find people by interest so I can find people to call and sell my products to. The phone book requires you to know pretty specifically who you are looking for in order to find them without using the trial and error method. Oh, and lastly, you know the phone book is going to list your number unless you do something about it, and many people choose not to have their number listed, Facebook was never supposed to list your number and so people gave it to them expecting it to remain private. So, while you might not care that Facebook decided to show your number, plenty of people would be bothered by it. It isn't the end of the world or anything, but to downplay it and equate it to having your number in the phone book is a just a bit crazy. Oh, and a point I nearly forgot, lots of teenagers have their cell phone numbers in their Facebook accounts, and without tackling why they shouldn't to begin with, those numbers should definitely not be available publicly.

    13. Re:Phonebook by Anonymous Coward · · Score: 0

      This comment doesn't even make sense. He's not blaming anyone for his rudeness.

    14. Re:Phonebook by ColdWetDog · · Score: 1

      Well, I've moved a couple of time since then, so I'm safe.

      Right?

      --
      Faster! Faster! Faster would be better!
    15. Re:Phonebook by jest3r · · Score: 1

      A friend sent me an email a couple of years ago saying "Did you know that you have your phone number on FaceBook?". I said "Yes, I also have it in the phonebook".

      Do you also have your photo in the phonebook?

    16. Re:Phonebook by Dishevel · · Score: 1

      Facebook does not have my phone number, my address, photos of me and my family. I can not be found by interest on Facebook.
      The problem here is not Facebooks security. Everyone has known for years it is shit.
      You have known for years Facebook is shit for privacy. You have had to have known. I can tell that by the fact that you seem to be able to string more than one sentence together to form coherent thoughts.
      You made a choice to give up your privacy in order to be able to "like" things and post on peoples walls.
      For me the choice seemed like a bad one. For you it seemed like a good one.
      You do not hear me bitching about not being able to share my life with strangers. You should not bitch about your informed choice either.

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    17. Re:Phonebook by Thruen · · Score: 2

      Personally, I'm not bitching, Facebook doesn't have anything of mine I need kept private. They have my name, and some pictures I wanted to share with family and friends, none of which even include any people. I keep it simple partly because I don't trust Facebook, mostly because I don't use it often and don't care to. Facebook is an optional service, sure, you don't need it at all, but as much as I used to hate on it, it does provide a number of benefits for people who want to use it. You can tell people they shouldn't share so much and that's all well and good, but you shouldn't have to avoid services like Facebook because you can't trust them, it should piss people off when things like this happen. Any time you use a service and it doesn't operate as they claim it should, you should be pissed off. Like I said above, you can avoid all of your computer-related woes by staying off the computer, but you really shouldn't have to.

    18. Re:Phonebook by Dishevel · · Score: 2

      Facebook is different.
      We know the privacy is a joke. We know that if we set stuff private that in the next "enhancement" all of it will be moved and reset back to everything public.
      They do it every time. There is no reason to believe that your data will be or ever has been protected.
      Facebook is working as intended. You can not get mad at a stove for getting hot.
      You can not get mad at Facebook for making all your shit public.

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    19. Re:Phonebook by starless · · Score: 1

      My cell phone and google voice numbers certainly aren't in the phone book.

    20. Re:Phonebook by Thruen · · Score: 1

      Well, I'm going to steal from you every week for the next ten years, and within a year I'll tell you you can't get mad at me, because it's just what you should expect.... I don't understand why people think the fact that Facebook keeps doing this means it's alright, and we have no right to be mad about it. It's just crazy. We could have six breaches of PSN a year and nobody would ever come out and say "Well, after the first two you really should've stopped using PSN!" and expect it to be taken seriously. It's a service a lot of people want to use, and they should be able to hold them to their word, it's as simple as that.

    21. Re:Phonebook by Anonymous Coward · · Score: 1

      Since your phone number is already in the phone-book, you should not have any problem posting your number here, right?

    22. Re:Phonebook by Anonymous Coward · · Score: 1

      The only way around this is: Change your IP address, change your cookies, change your friends, and an address change probably couldn't hurt.

    23. Re:Phonebook by Dishevel · · Score: 1

      If everyone tells me you are going to steal from me every week and I see you do it 2 weeks in a row, then, yes.
      I can not get mad at you.

      --
      Why is it so hard to only have politicians for a few years, then have them go away?
    24. Re:Phonebook by Anonymous Coward · · Score: 0

      Phonebook? Is that like an e-book on your phone?

      No, it's more like your contacts list printed on paper.

    25. Re:Phonebook by hierophanta · · Score: 1

      lemme fix OP for you fucks-
      you have a low self esteem and so you bring people down to make yourself feel better? how middle school you.

      yes i am aware of the irony of calling you ACs 'fucks'. i enjoy irony.

    26. Re:Phonebook by pkinetics · · Score: 1

      I have never been forced to register my phone number in FB. They strongly push you to do it, but you can always skip the option. They just make it sound like it is a security reason.

    27. Re:Phonebook by LordLimecat · · Score: 1

      Ditto, but like GP Im having a hard time finding a reason to care. People I DONT want calling me generally already have my phone number, the least I can do is put it out there for those I do want to contact me.

    28. Re:Phonebook by Anonymous Coward · · Score: 0

      I'm in high school, you insensitive clod!

  2. So? by backslashdot · · Score: 4, Insightful

    Remember phone books? It used to be possible to match people with not only their phone number but their home address too.

    1. Re:So? by Anonymous Coward · · Score: 0

      Yeah and in phone book you could also get the person's picture, where they grew up, where they live, what they like, what's their birthday, who they are married to, how many kids they have... oh wait you can't.

      Now that companies are no longer allowed to use your SS#, and most people keep their phone number even if they switch carriers, your phone number is the most identifying piece of information that exists about you.

    2. Re:So? by Anonymous Coward · · Score: 0

      Hello, Katherine Brewster ? John Connor ? just your mother calling ...

    3. Re:So? by Anonymous Coward · · Score: 0

      OMG! You mean someone could possibly link a phonebook entry with a map application and get driving direction to my home using only my phone number! NOOOO!

    4. Re:So? by Anonymous Coward · · Score: 0

      > It used to be possible to match people with not only their phone number but their home address too.

      Now, that didn't work out too well for Sarah Connor, did it? :-p

    5. Re:So? by mcgrew · · Score: 1

      The problem is cell phones. Most are paying by the minute. Phone books only list landlines, which don't bill you for calls recieved.

      --
      Free Martian Whores!
  3. Breaks my heart by Anonymous Coward · · Score: 0

    Well, I'm safe. I tried fb for a year or so, never really did do anthing much on it. Sorry for the millions who do. I'm very sad. Very very.... sa-aad.

  4. Facebook is by kiriath · · Score: 2

    One giant privacy breach anyway. I mean seriously, they churn your personal lives into gold.

    Not much right now, but SOMEDAY they will churn your personal lives into gold.

    1. Re:Facebook is by Anonymous Coward · · Score: 0

      Some day some how some thing may in some way make some one maybe not so much gold for some reason.

    2. Re:Facebook is by darkfeline · · Score: 1

      Implying that most people's personal lives are worth gold. Which they aren't. I don't know the exact numbers, but I know that marketing data per capita is very cheap. You are not worth very much at all.

    3. Re:Facebook is by rtfa-troll · · Score: 0
      There are different levels of data with different levels of worth:
      1. name and address - lets them send junk mail - pennies
      2. hobbies interests and profession - lets them target you specifically - small dollars
      3. recent web searches / current activities - lets them advertise product that you are currently trying to buy - tens of dollars per year
      4. detailed personal information - lets them impersonate you - tens to hundreds of dollars
      5. full personal account and password info - lets them clean out your bank account / take out loans in your name which are likely to be enforceable in court - thousands to tens of thousands

      Notice that, in the end, your data may actually be worth more than you are. Traditional marketing had wet dreams around full access to the first two. Google provides services equivalent to the use of the first two and controlled access the next. Facebook is providing temporary use of the fourth by allowing apps to do things as if they were you and beginning to gather the fifth. Notice that your Microsoft Hotmail account is protected with your mobile phone number and that Facebook keeps both of those together even if you have never created a Facebook account. This gets to be worse if your mobile phone account is controlled from your email address as is becoming more and more common.

      --
      =~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
    4. Re:Facebook is by Anonymous Coward · · Score: 0

      I think applying such alchemy to my data has just left them with 2 grams of selenium hexaflouride.

  5. "not safe"? by 1u3hr · · Score: 3, Insightful
    How is a phone number "not safe"?

    Its a new one on me to have an infected phone number. I guess they mean "not secret".

    And who cares? Ever heard of phone directories? You can find millions of phone numbers in there. Including mine. Phone spammers have lists anyway or just have dialers that try every number in a range till one answers.

    1. Re:"not safe"? by Anonymous Coward · · Score: 0

      but now they can tie it to a name ...

    2. Re:"not safe"? by Jawnn · · Score: 1

      How is a phone number "not safe"?

      Seriously? Dude, use your imagination just a little bit here...

    3. Re:"not safe"? by Anonymous Coward · · Score: 1

      I think the problem is not so much the phone numbers, as that it is possible to obtain the information. Where someone can obtain phone numbers, could they also obtain other information?

      It's more a problem with the breech itself, rather than the data that was obtained.

    4. Re:"not safe"? by FatAlb3rt · · Score: 1

      I think this is about mobile numbers - mine certainly isn't published in any publicly available phone book and I try not to give it out to anyone who doesn't need it.

    5. Re:"not safe"? by 1u3hr · · Score: 1

      How is a phone number "not safe"?

      Seriously? Dude, use your imagination just a little bit here...

      Something to do with the Necronomicon?

  6. Need a Survey / Cognitive Risk by retroworks · · Score: 4, Interesting

    It would be really interesting, as a kind of control group, to ask a statistically represented sample of people how alarmed they are, on the basis of 1-10, about the following: 1) Their name is in the phone book, 2) The government has their Social Security Number, 3) Their face is recognizable by the bank ATM camera, 4) their neighbor has a X% chance of receiving their mail in the wrong mailbox. Throw in the word "breach" and watch the fur fly.

    --
    Gently reply
    1. Re:Need a Survey / Cognitive Risk by Anonymous Coward · · Score: 1

      I doubt ATMs can recognise my face, I'm 6'8 and all the cash points are at my crotch level.

    2. Re:Need a Survey / Cognitive Risk by Minwee · · Score: 4, Funny

      Then you'd be surprised at how many databases your groin has been in.

    3. Re:Need a Survey / Cognitive Risk by Anonymous Coward · · Score: 1

      Certainly not enough, if "database" means what I think it does.

    4. Re:Need a Survey / Cognitive Risk by Anonymous Coward · · Score: 0

      ATM machine: "Please insert your card. Owww, OWWW! No!"

    5. Re:Need a Survey / Cognitive Risk by Sarten-X · · Score: 1

      Also ask whether they're aware of the risks of DHMO.

      --
      You do not have a moral or legal right to do absolutely anything you want.
    6. Re:Need a Survey / Cognitive Risk by Anonymous Coward · · Score: 0

      Get out more! Fsck everything in sight!

    7. Re:Need a Survey / Cognitive Risk by SmurfButcher+Bob · · Score: 1

      Congressman? Is that you?

      --

      help me i've cloned myself and can't remember which one I am

  7. Is that worse than FB itself having the data? by Anonymous Coward · · Score: 0

    Why should I trust any random person off the street any less than I trust the Zuck?

  8. Re:Offtopic - "another random user" by Dupple · · Score: 1

    "another random user" is, if I remember correctly, an actual users name. I've had a couple of stories posted where my user name is up there but is not a link. It sometimes happens like here

    http://slashdot.org/submission/2281279/microsoft-calls-for-5b-investment-in-us-education

    --
    Watch those corners
  9. Is there any good reason to enter your number? by Anonymous Coward · · Score: 1

    I don't get why people give Facebook their real phone numbers, even if it's supposedly only visible to friends. Any "friends" should already have your number, and if they don't they can ask.

    It's crazy how much the world has changed. When I was using the Internet in the 1990, there was a golden rule among pretty much everyone I knew that you do not give real names or personal information to any entity on the Internet for any reason whatsoever.

    Wow times have changed! Here [company who specializes in marketing], have all my contact information for free!

    Either people are incredibly dense, or they LIKE being spoon-fed ideas and marketing material.

    1. Re:Is there any good reason to enter your number? by Anonymous Coward · · Score: 0

      Because FB demands a phone number when signing up, and most employers also require someone to have FB access to actually get a face to face interview.

    2. Re:Is there any good reason to enter your number? by Anonymous Coward · · Score: 0

      most employers also require someone to have FB access to actually get a face to face interview.

      [citation needed]

    3. Re:Is there any good reason to enter your number? by Anonymous Coward · · Score: 1

      1) Pure lies. FB has never asked for my number of anyone else that I know of.
      2) Illegal, or becoming illegal in most sane jurisdictions, so invalid. Also only for crappy jobs.

  10. s/confirms/confirms another/ by overshoot · · Score: 1

    Or is that redundant?

    --
    Lacking <sarcasm> tags, /. substitutes moderation as "Troll."
  11. Someone's mad by Anonymous Coward · · Score: 0

    Looks like someone's just pissed that Facebook didn't pay out for their "vulnerability" discovery.

  12. One teensy weensy difference... by Viol8 · · Score: 5, Interesting

    Phonebooks were generally only easily available in the area you lived in and not accessable by Vlad in Minsk who wants to collect as much data as he can on you to impersonate you to a bank. Not only that , but once data is on a computer a lot of things can be automated. When its in barely readable type in a large book its a bit more effort.

    1. Re:One teensy weensy difference... by Anonymous Coward · · Score: 0

      Phonebooks for other areas were easily obtained public library being one good place to go, and there was good old Directory Assistance too...

    2. Re:One teensy weensy difference... by Anonymous Coward · · Score: 3, Insightful

      I remember in the mid 80s buying entire united states phonebooks on disks...

      In the 90s it was a giveaway with many computers on a CD.

    3. Re:One teensy weensy difference... by qwe4rty · · Score: 1

      Yeah, I suppose that stops him from dialing random numbers and picking up names from answering machines.

    4. Re:One teensy weensy difference... by Minwee · · Score: 5, Informative

      It's a good thing there are no phone books on the Internet, isn't it?

    5. Re:One teensy weensy difference... by Anonymous Coward · · Score: 1

      You're joking right? 411 and other such online phonebooks have been around for more than a decade.

    6. Re:One teensy weensy difference... by Anonymous Coward · · Score: 0

      I highly suggest: http://msn.whitepages.com/

      No fees.

      -Average Windows User

    7. Re:One teensy weensy difference... by Crayon+Kid · · Score: 2

      Phonebooks were generally only easily available in the area you lived in and not accessable by Vlad in Minsk who wants to collect as much data as he can on you to impersonate you to a bank. Not only that , but once data is on a computer a lot of things can be automated.

      So if I get this right, your solution to the fact that the US has a major identity theft problem is "would everybody be so kind and ignore it", or perhaps "bad guys, please don't use computers"? I'm afraid it may not work very well.

      I'm not even sure what's with the American paranoia against unique ID cards. It's not like not having them grants you any anonimity. If anybody (including your .gov) wants to find stuff out about you, they do. You already have unique social numbers, so all the worse parts of being uniquely identifiable in a centralized database are already happening. You're just missing out on all the good parts, such as limiting identity theft, or a comprehensive civil registry. I mean, it's ridiculous that in the US you can't really prove you've never been married.

      --
      i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer
    8. Re:One teensy weensy difference... by spire3661 · · Score: 1

      We chafe against national ID cards because we are supposed to be a Union of independent states. The whole idea of having many states is to enjoy variation in law.

      --
      Good-bye
    9. Re:One teensy weensy difference... by Anonymous Coward · · Score: 1

      If we had ID cards, we would have ID numbers, which if stolen would stop any problem how?

      Are you implying that countries with ID cards don't have identity theft? Because we do have cards that are required for a large number of things, and it's called a drivers license/state ID.

    10. Re:One teensy weensy difference... by Deep+Esophagus · · Score: 1

      Yeah, I suppose that stops him from dialing random numbers and picking up names from answering machines.

      That's exactly why our answering machine just as a flat "Please leave your name and number at the sound of the tone."

    11. Re:One teensy weensy difference... by 1u3hr · · Score: 1

      Phonebooks were generally only easily available in the area you lived in and not accessable by Vlad in Minsk

      Until about 1990 when they were available online.

      When its in barely readable type in a large book its a bit more effort.

      OCR can read a phonebook as as fast as you can feed pages into a scanner.

    12. Re:One teensy weensy difference... by SomePoorSchmuck · · Score: 1

      Phonebooks for other areas were easily obtained public library being one good place to go, and there was good old Directory Assistance too...

      In a word, "No".

      At what point before the digitization/Internetization of data in the late 90s could you walk into the public library in Ekalaka, Montana, and ask to use a phone book for Harpers Ferry, West Virginia? Calling directory Assistance wasn't free, nor was mass-harvesting numbers from it anything other than cumbersome.

      Pretty much all the replies to Viol8's post completely whooshed.

      --

      Hollywood, Television, has become the dream machine. We need to take that back; each of us is a Dream Machine
    13. Re:One teensy weensy difference... by Anonymous Coward · · Score: 0

      Actually isn't that how Ray Kurzweil got started in the mid-'70's. His reading machine was first used to digitize the phone book. Seems AT&T would not sell their content directly but the phone books were available w/o restriction. The mag tapes of phone numbers were one of his first commercial products.

    14. Re:One teensy weensy difference... by Archangel+Michael · · Score: 1

      " Vlad in Minsk who wants to collect as much data as he can on you to impersonate you to a bank."

      This is a problem, but not with privacy, but with impersonation. Banks (and those like them) that take phony credentials to allow people to open up lines of credit and rip people off. The fix for this is painful, but really necessary, make banks eat the cost without being able to write it off as a cost of business. It isn't a cost of business, it is complicity in fraud.

      What ever happened to due diligence?

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    15. Re:One teensy weensy difference... by Archangel+Michael · · Score: 1

      The problem isn't with the IDs. It isn't. Not even close. The problem is that we are convenience oriented society that wants everything nice and easy. Problem is not with the IDs but those that trust random people using random IDs and issuing huge lines of credit to them, without verifying that the person presenting the ID is who they say they are, because that is not convenient.

      --
      Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
    16. Re:One teensy weensy difference... by jkiller · · Score: 0

      At what point before the digitization/Internetization of data in the late 90s could you walk into the public library in Ekalaka, Montana, and ask to use a phone book for Harpers Ferry, West Virginia?

      Oblig... http://www.youtube.com/watch?v=z9pXiFG3z5M

    17. Re:One teensy weensy difference... by DerekLyons · · Score: 1

      Phonebooks were generally only easily available in the area you lived in and not accessable by Vlad in Minsk who wants to collect as much data as he can on you to impersonate you to a bank.

      I can't speak to Minsk - but pretty much every library I ever visited in the US back in the day had a huge collection of phonebooks. Generally, one book from each for every community in the county, one for most communities in adjacent counties, one for for every major and medium (and often many smaller) city in the state, and one for every significant city in the US. Not to mention, all Vlad in Minsk had to do was call the phone company and they've very helpfully give him your number unless you'd paid to have it unlisted.

    18. Re:One teensy weensy difference... by SomePoorSchmuck · · Score: 1

      Phonebooks were generally only easily available in the area you lived in and not accessable by Vlad in Minsk

      Until about 1990 when they were available online.

      When its in barely readable type in a large book its a bit more effort.

      OCR can read a phonebook as as fast as you can feed pages into a scanner.

      Which has NOTHING to do with how easy it is to simply purchase instantaneous access to existing databases today.

      "OCR" never read a phonebook because "OCR" is just a piece of software. Actual human beings had to do actual tedious legwork to scan, recognize, and correct thousands upon thousands of text pages. If you think this was trivial or inexpensive you never worked in data processing before 1995. I did and I can tell you it wasn't just sitting around having tea and finger sandwiches while "OCR read the phonebook".

      Viol8's point was about the enormous contrast in ease between harvesting small amounts of directory information 20 years ago versus a couple clicks on a website to access a database of hundreds of detailed profiles of hundreds of millions of people.

      --

      Hollywood, Television, has become the dream machine. We need to take that back; each of us is a Dream Machine
    19. Re:One teensy weensy difference... by 1u3hr · · Score: 1

      Which has NOTHING to do with how easy it is to simply purchase instantaneous access to existing databases today.

      It's easier, yes. The OP seemed to think it was impossible before.

      Viol8's point was about the enormous contrast in ease between harvesting small amounts of directory information 20 years ago

      If by "small amounts" you mean "tens of millions of names, addresses and numbers".

      I was online 20 years ago. It wasn't flashy, you had to use a 28.8 kbps modem, but phone numbers were one of the first things online. This is not a new thing.

    20. Re:One teensy weensy difference... by Tastecicles · · Score: 1

      re your last comment: are you saying that there are situations where you have to prove the nonexistence of a document such as a marriage certificate?? Waitwhat? I would've thunk that if someone were convinced that you had been married before the burden would be on them to prove it and not the other way round?

      --
      Operation Guillotine is in effect.
    21. Re:One teensy weensy difference... by Tastecicles · · Score: 1

      Yes, indeed.

      --
      Operation Guillotine is in effect.
    22. Re:One teensy weensy difference... by Tastecicles · · Score: 1

      BT Phonedisk SE 1994(?), freebie on the front of I think it was PCPro. Several hundred thousand domestic line numbers, from every UK directory, on one CDROM.

      --
      Operation Guillotine is in effect.
    23. Re:One teensy weensy difference... by Tastecicles · · Score: 2

      don't know about that situation but the main library in my city (Nottingham) has always (to my recollection anyway) had a section aside exclusively for phone directories, both Yellow Pages and the domestic phone book, for the entire UK.

      --
      Operation Guillotine is in effect.
    24. Re:One teensy weensy difference... by Anonymous Coward · · Score: 0

      whitepages.com doesn't have your email address though.

    25. Re:One teensy weensy difference... by Viol8 · · Score: 1

      "was online 20 years ago. It wasn't flashy, you had to use a 28.8 kbps modem, but phone numbers were one of the first things online. This is not a new thing."

      Not where I live they weren't.

    26. Re:One teensy weensy difference... by 1u3hr · · Score: 1

      ... ten miles to school, barefoot in the snow....

    27. Re:One teensy weensy difference... by Crayon+Kid · · Score: 1

      In countries which implement ID cards, just knowing a person's unique ID number doesn't help a bad guy. In fact we freely give out those numbers when shopping when we need an invoice for accounting purposes, at the doctor's, for civil registry purposes (recording of marriages, children etc.), at the bank and so on. The number is just a convenient method of tracking a person in the records.

      But don't confuse the number with [i]proving your identity[/i]: you have to present the card in person (it's a picture ID card); people are protective of their ID card; the cards have safety elements which make forgery very hard; there are automated verification machines (used mostly by banks and country border routine checks) which scan a card and respond back within seconds if it's valid.

      So yes, identity theft is practically unheard of in Europe, in the sense it's used in the US. For example, in order to get a loan you have to show up at a bank and request it in person, physically sign a contract and wait (days) to be checked out. An impersonator would have to (a) forge an ID card; (b) forge your signature on a contract; (c) hope no word of this gets back to the actual person during the check-up period. And even if they manage all this, the laws are such that once it's proven it wasn't you, you're completely off the hook.

      --
      i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer
    28. Re:One teensy weensy difference... by Crayon+Kid · · Score: 1

      You're right, but how difficult do you think it is to "prove" marriage? Marriage licenses in the US can be very casual, basically they're just a piece of paper. If a woman shows up with such a (forged) piece of paper and a random priest swearing "yeah, I married you two back in '67 in Vegas, I remember you were drunk as shit", you're screwed.

      There's practically no way you can prove they're lying, and the US law recognizes this as a legal marriage, without the requirement that it was recorded in an official registry. Whereas in other countries (most of Europe), no marriage is valid without it being recorded in the centralized national registry. Licenses are just pieces of paper, they can be lost or reissued, but the record in the registry is either there or it isn't.

      --
      i ate crayons when i was a kid and now i have two braincells and the blue ones taste nicer
    29. Re:One teensy weensy difference... by Viol8 · · Score: 1

      No , not really. In the UK phone numbers were not available online in the 90s.

  13. Anecdote Time! by eldavojohn · · Score: 5, Interesting

    Remember phone books? It used to be possible to match people with not only their phone number but their home address too.

    Ah, yes! And let me tell you a story about that! I used to have a very common name. So common that according to the latest census there are 40,000 of me walking around the United States (first and last name). I have met myself (first, middle and last) four times and the second time I met myself I was 19 and he was 20 and he said to me: "Don't you ever let your name be published in the phone book" (as advice from one being raised in a major metropolis and I being raised in a very small town) and then went on to describe at length how, when he turned 18, he started receiving odd phone calls from credit card companies demanding he pay up tens of thousands of debt. After months of harassment, he finally got it all straightened out with one of the credit bureaus who then basically had to show the credit card companies that his records and the records of the real person they were looking for were completely different. The other odd thing was that the address the credit card companies had on file had the same exact abbreviations as his address in the phone book and the person had "moved" to that address right when my friend turned 18 and had his name put in the phone book.

    Is it a common problem? Maybe not ... but I'd just as well keep as much of my life private as possible ... to avoid whatever creative scofflaw there might be out there.

    --
    My work here is dung.
    1. Re:Anecdote Time! by SIR_Taco · · Score: 4, Funny

      ...

      I used to have a very common name. So common that according to the latest census there are 40,000 of me walking around the United States (first and last name). I have met myself (first, middle and last) four times and the second time I met myself I was 19

      ...

      John Jacob Jingleheimer Schmidt? That's my name, too!

      --
      I say don't drink and drive, you might spill your drink. Before you get behind the wheel just stop and think.
    2. Re:Anecdote Time! by Anonymous Coward · · Score: 0

      Yes. Scrubby companies using shotgun approaches to find people, even sending mail and messages to NEIGHBORS to find out anything they can on the person they are targeting, even if those people weren't the target.
      They use anything they can to find people, letters, voting records, and more and more these days using the web.

      I've seen it all over consumer action websites and it even happened to me once. I got letters for months from some company that still exists for some absolutely retarded reason. Why they haven't been punished for harassment is beyond me.

    3. Re:Anecdote Time! by flanders123 · · Score: 1

      Sounds like my "friend", Joey Jo-Jo Junior Shabadoo.

    4. Re:Anecdote Time! by Anonymous Coward · · Score: 0

      His name is Robert Paulson

    5. Re:Anecdote Time! by Anonymous Coward · · Score: 0

      Skip tracers are scum. I've been harassed many times by them and my credit is spotless, because I've always paid on time. Just because someone has the same last name as me and lived in the same city, they'd call me 2-3 times a week and hang up if I started asking questions back. The trick is to refuse to answer if the person is there or not until you know exactly who is calling. Then you have to send them a written letter demanding they stop calling. It took me most of a year to figure that out. How did they get my number? The phone book.

    6. Re:Anecdote Time! by Anonymous Coward · · Score: 0

      That's the worst name I ever heard.

    7. Re:Anecdote Time! by Tastecicles · · Score: 2

      Hi Joey's friend, he says you owe him five Bucks and he wants it by Friday or he's sending his "friend" the Thumb Collector.

      --
      Operation Guillotine is in effect.
  14. Re:Offtopic - "another random user" by Anonymous Coward · · Score: 0

    As a truly anonymous and mostly coward user, I did notice and was a irked by that.

    I'm both amazed and vexed at the current trend of using "random" for very disparate meanings. Oh well, that's how language evolves, I suppose.

  15. I agree - it is certainly not safe to call me. by emmjayell · · Score: 1

    I may answer the phone, and in general, talking to me on the phone is usually unpleasant, even bordering on unsafe.

  16. What Do You Mean by "Data Breach" by Anonymous Coward · · Score: 5, Insightful

    The *only* difference between a "data breach" and their normal business model is that Facebook didn't get paid.

    1. Re:What Do You Mean by "Data Breach" by IamTheRealMike · · Score: 3

      I suspect this boils down to inadequate controls on data scraping, ie an API that's meant to surface data for an interactive UI can be scripted to enumerate every possible user and they don't have any automated controls on it.

  17. Aren't there editors that review submissions? by Ericular · · Score: 2

    "Facebook has confirmed that it limited the Prakash's activity". -- What is "the Prakash"?

    "Prakash disagrees with when Facebook says". -- That phrasing doesn't feel right to me either.

    1. Re:Aren't there editors that review submissions? by Anonymous Coward · · Score: 0

      "Facebook has confirmed that it limited the demonized security breacher's activity". -- What is "the demonized security breacher"?

      "The demonized security breacher disagrees with when Facebook says".

      There, FTFY.

    2. Re:Aren't there editors that review submissions? by Anonymous Coward · · Score: 0

      Thats actually a direct quote from the article, its terrible but not the submitter/editors fault.

    3. Re:Aren't there editors that review submissions? by wannabgeek · · Score: 1

      Whoosh!

      Prakash is a name. It should not be preceded with "the". That (I guess) is the point the GP is trying to make.

      --
      I'm much more funny, interesting and insightful than the moderators think
  18. Re:Offtopic - "another random user" by Anonymous Coward · · Score: 0

    Curses! I [_______] a couple of [________] there.

  19. This is why by Anonymous Coward · · Score: 0

    I don't have my face in the book. I must be a sociopath serial killer.

  20. misleading by tero · · Score: 5, Insightful

    So this is not about breaching phone numbers data that are set to private. This is about finding publicly published phone numbers through the normal search.

    Meh. Phonebooks didn't even have privacy policies back in the day.

    A more valid complaint might have been the ever changing default settings and user interface "improvements" which make finding the said settings very hard.

    But even then, this is not really post-worthy.

  21. Remember crisscross directories? by wiredog · · Score: 1

    Where you could look up a phone number given an address?

    --

    Best Slashdot Co
  22. It's a feature by Anonymous Coward · · Score: 0

    How else should I get hold of Lady Gaga's private mobile number?

  23. Phone book? by Anonymous Coward · · Score: 1

    Several people on here are bringing up the phone book parallel, but it doesn't really fit. Many of us are not listed in the phone book. For that matter, millions of people are unlisted, but give their mobile number to Facebook in order to receive updates or due to their security questions. These people (unfortunately) think their number is still unlisted and private due to their account settings, unaware how easy it is to get access to that information.

    Point is, if put your number in the phone book, you expect it to be public. If you have an unlisted number and think your number is private, then it's going to be an awful shock when you find out your number is splattered across the Internet.

  24. I just refused to install the Facebook app by bdwoolman · · Score: 4, Informative

    I grudgingly use Facebook (Forcebook, Farcebook, Facebroke, Facebork) because so many of my real friends from overseas postings here and there can be found on it. They move around, too, and, well, it just makes sense.. My Android phone just offered me the opportunity to install the FB app when I checked an email message from Facebook -- A friend request from a German pal of mine from my days in Armenia (See?) He's in Uraguay it seems. Well, when I was ready to do the install I read the permissions list.Holy privacy invasion, Batman! It was going to do all the crap I painstakingly don't let the creepy site do on my web browser (it is a battle). And then it was going track my location to boot.

    Bondsbw, you so gave them permission to have your phone when you installed that app. Moreover, you also gave them permission to marry your firstborn child off to the evil sorcerer Zuck when he or she comes of age. (The sorcerer swings both ways.) Oh, I forgot F*ckedbook.

    --
    "No fear. No envy. No meanness." Liam Clancy
    1. Re:I just refused to install the Facebook app by Anonymous Coward · · Score: 2, Funny

      Oh, I forgot F*ckedbook.

      you don't have to have ex girlfriends on facebook

    2. Re:I just refused to install the Facebook app by FreonTrip · · Score: 2

      I was always partial to "Fartbeak," myself, mostly because I wonder what the mascot would look like.

    3. Re:I just refused to install the Facebook app by BenoitRen · · Score: 1

      Facebook (Forcebook, Farcebook, Facebroke, Facebork)

      Faceboot, Faecesbook,...

      Holy privacy invasion, Batman!

      Holy Invasion of Privacy, Badman! What Did I Do To Deserve This?

    4. Re:I just refused to install the Facebook app by Anonymous Coward · · Score: 1

      When you install the Facebook app it immediately uploads your phone's address book (and probably call log) to Facebook. At the very least they use this information to suggest friends. I regularly get suggestions to friend people I worked with years ago despite having no mutual friends nor their contact information in my phone. So I am fairly sure what happened was that they kept my phone number in their phone, and installed the Facebook app at some point.

    5. Re:I just refused to install the Facebook app by houghi · · Score: 1

      I grudgingly use Facebook (Forcebook, Farcebook, Facebroke, Facebork) because so many of my real friends from overseas postings here and there can be found on it.

      I have many people I know that are overseas as well. If we want to keep in contact, we email or phone each other.

      Those who can not take the time to do that, I do not really consider friends. Not everybody I know is a friend, nor does that person needs to be.

      --
      Don't fight for your country, if your country does not fight for you.
    6. Re:I just refused to install the Facebook app by knorthern+knight · · Score: 1

      || Facebook (Forcebook, Farcebook, Facebroke, Facebork)

      | Faceboot, Faecesbook,...

      I get my daily giggles from "Lamebook" http://www.lamebook.com/ and Failbook http://www.failbook.com/

      --

      I'm not repeating myself
      I'm an X window user; I'm an ex-Windows user
    7. Re:I just refused to install the Facebook app by RockDoctor · · Score: 1

      Faceboot, ...

      Deliberate or accidental '1984' reference?

      --
      Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
  25. Your private data is safe with us. No, really. by dna_(c)(tm)(r) · · Score: 1

    A friend sent me an email a couple of years ago saying "Did you know that you have your phone number on FaceBook?". I said "Yes, I also have it in the phonebook".

    Except that you can opt-out form the phonebook with an unlisted number. Facebook harvests your phone number and your contacts phone numbers, names email addresses. Potentially they can access IMEI, record sound and take pictures at any time (not just when you click a button), manage your accounts (not sure if they can retrieve anything from other accounts like email etc...)

  26. So what? by Anonymous Coward · · Score: 0

    Who cares?

  27. Safegaurding anonymity by Picass0 · · Score: 2, Informative

    I hope I don't sound trollish, but it is ultimate your responsibility to safegaurd information you don't want passed around. Reliance on Facebook to safegaurd your stuff implies they care about a few phone numbers, or private photos, or whatever. They don't. They'll write some form letter to everyone and apologize and then go back to fretting about their stock price.

    At Facebook you the product for sale. As long as you keep coming back they don't have a problem.

    1. Re:Safegaurding anonymity by Thruen · · Score: 1

      The big problem with this logic is that you do need to give out your personal information to sign up for various services, and the truth is nobody else really gives a damn unless it's regulated, and at that point they only care about the regulations. I'm not saying you're altogether wrong, it's definitely a good idea to keep things you want to stay private off of services like Facebook (or Google+ or Myspace) but that doesn't make it in any way acceptable when they publish information they claimed would be kept private. You can solve all of your computer-related woes by avoiding computers, but you really shouldn't have to...

    2. Re:Safegaurding anonymity by Picass0 · · Score: 2

      I did not hand out personal information when I created my /. account all those years ago. I can express every opinion I want on Slashdot without handing over my blood type.

      The problem in your logic is it assumes a person needs a facebook account (or like service). What do Myspace, Google+ and Facebook all have in common? I don't have user accounts on any of them.

      I belong to several discussion forums where I post at almost daily. None of them have my real name, phone number, pictures of me or my kids...

      I don't want online identities regulated. One more goverment oversight that can be easily abused.

    3. Re:Safegaurding anonymity by Thruen · · Score: 2

      They're not the only service you give your information to, they're just the ones that you don't use. I don't have a MasterCard, so if they release all of their customers' information I should think "They're stupid for using MasterCard!" You can argue that they're optional all you want, but so are credit cards, cable, and the internet you use to find said discussion forums. There's no reason to sit there and say it's the users' fault for using a service, that's completely ridiculous. Any time a service, even if it's optional, handles your personal information, they should be held to a certain standard. Calling it the regulation of online identities is a silly way of making it sound like the government would be controlling our online lives, when really all we need is for them to say if a service can't keep to it's word they pay a big-ass fine based on their revenue.

    4. Re:Safegaurding anonymity by legojenn · · Score: 1

      For some reason, the number, 867-5309, that I put on facebook never gets called. Go figure.

      --
      I make a reasonable middle-class wage by going to work and not spamming blogs with scams.
  28. Visit from the FBI by KatchooNJ · · Score: 1

    This reminds me of when the FBI visited my grandfather because he had the same name as some mafia guy who happened to live nearby. I remember him having to sign paperwork swearing he wasn't the same guy as the criminal. lol Crazy stuff! This was in the late 80s, btw.

    --
    "Never give up, for that is just the time and place when the tide will change." -Harriet Beecher Stowe ^_^
    1. Re:Visit from the FBI by SecurityGuy · · Score: 2

      That's hilarious. I suppose the real criminal NEVER would have signed paperwork swearing he wasn't the real criminal.

    2. Re:Visit from the FBI by Anonymous Coward · · Score: 0

      Of course he would have. But if the feds can then identify him some other way, they can then tag him on perjury charges if nothing else.

    3. Re:Visit from the FBI by BeanThere · · Score: 1

      Probably some kind of legal "CYA" measure on the cops part.

    4. Re:Visit from the FBI by KatchooNJ · · Score: 1

      Oh... I totally believe that was the case. And maybe the perjury thing too.

      --
      "Never give up, for that is just the time and place when the tide will change." -Harriet Beecher Stowe ^_^
  29. Unsafe phone numbers? by wonkey_monkey · · Score: 1

    the majority of phone numbers on Facebook are not safe

    Is this a viral campaign for another awful horror movie? If you call these unsafe numbers you'll die within 24 hours, that kinda thing?

    --
    systemd is Roko's Basilisk.
  30. Wow, does that do the whole world?? by Viol8 · · Score: 1

    Oh wait, no it doesn't. Plus you have to actively search for people rather than just skimming off data while following links between user pages.

  31. Confirmed: works for private numbers by Anonymous Coward · · Score: 2, Interesting

    I verified that my mobile number is set to be visible to myself only. I then used a fake facebook account that I keep around, and searched for my phone number. Sure enough, my account showed up. If I try to remove it, I'm informed that I will no longer be able to use that phone to do anything with Facebook. I removed it anyway, and so far, Facebook is still returning my account when I search for my cell number.

  32. Business as usual by wcrowe · · Score: 1

    They weren't so much upset about the data breach as they were that Prakash did not pay for it.

    --
    Proverbs 21:19
    1. Re:Business as usual by Anonymous Coward · · Score: 0

      Ya I dint :P

  33. I have a bogus phone number there by swschrad · · Score: 1

    because I can.

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?
  34. how-to-hack.us by Anonymous Coward · · Score: 0

    how-to-hack.us

    Free stuff added daily :)

  35. What the F*** by kelemvor4 · · Score: 1

    Facebook has confirmed that it limited the Prakash's activity but it's unclear how long it took to do so.

    Am I the only one who thinks this was not the right response here? It seems like it would be far better to fix the damn vulnerability rather than blocking the guy who reported it...

  36. Yes, let's put a billion eggs into this basket by sootman · · Score: 4, Informative

    Businessweek: What's possible at a billion-plus users that wasn't possible at, say, 500 million?

    Mark Zuckerberg: There are two ways that I look at this. There's what we can build internally and then there's what can be built externally using Facebook. I'll start with the external stuff... when we were at half a billion people, you got these large-scale services like Skype or Netflix (NFLX) that also had big user bases. And we weren't yet at the point where the majority of their users were Facebook users, so they couldn't really rely on us as a piece of critical infrastructure for registration. A lot of startups did, but the bigger companies couldn't. Now really everyone can start to rely on us as infrastructure.

    http://www.businessweek.com/printer/articles/74456-facebooks-next-billion-a-q-and-a-with-mark-zuckerberg

    The problem isn't that the data exists. (As others are pointing out with phonebook analogies.) The problem is that the data--your data--isn't safe. Not that it's totally safe anywhere, but FB seems to have had more than their share of problems.

    --
    Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
  37. Its me :P by Anonymous Coward · · Score: 0, Informative

    Somebody told me many people are commenting here :P .. Guys any technical questions and any comments can be made here :P and I would relpy directly

    -- Suriya Prakash

    I know how trolls are gonna get mad saying this is fake ... soooo here---> https://twitter.com/SuriyaMe/status/256448898258833408

    1. Re:Its me :P by Anonymous Coward · · Score: 0

      -_- the Internet .. I am disappointed in you !

  38. Simple answer: by Tastecicles · · Score: 2

    Remove your number from Facebook listings (easy done) and write the administrators with a tort-actionable letter stating they have seven days to remove it from their database (not so easy; you will have to be prepared to take it to small claims court to action the tort, which in the UK is £5000 so make the option a claim for £4999.90. If you do end up taking a claim, you will likely get a summary judgment in favour since you made a legal request to a company, who are very unlikely to send a representative to challenge it. International borders be damned, they do not exist; when a company trades in the UK they play by UK rules or they fuck off.

    --
    Operation Guillotine is in effect.
  39. Why ... by NoSalt · · Score: 0

    ... do people put sensitive information like that on Facebook anyway? I just have the absolute bare "essentials" on Facebook/Twitter/MySpace/etc.

  40. But Facebook knows who you are. by knorthern+knight · · Score: 1

    > I verified that my mobile number is set to be visible to myself only. I then used
    > a fake facebook account that I keep around, and searched for my phone number.

    So you set up a Facebook account as Jane Doe with phone number 123-456-789-0000. However, several of your real-life friends have you under that number in their cellphone contacts as John Smith. Those friends have Facebook accounts, and their mobile phone contacts get scraped. Now Facebook knows you're lying, and they can connect that account with your real name.

    I read about people who get freaked out, because minutes after joining Facebook, they get a long list of "people you may know" that they do actually know.

    I don't do Fecesbook, but I probably have a profile anyways, according to a former Facebook employee... http://www.dailymail.co.uk/sciencetech/article-2165543/Facebooks-Dark-Profiles-twisted-genius-Mark-Zuckerbergs-quest-total-domination.html

    > She claims that in Autumn 2006 everyone at the company was so convinced that
    > Facebook was something that everyone should have that when the product team
    > created an experimental feature called dark profiles in 2006, nobody even flinched.

    > People can be tagged in Facebook photos even if they do not have a profile, and the idea
    > was to create a 'dark' version which could apparently be activated if they finally signed up.

    --

    I'm not repeating myself
    I'm an X window user; I'm an ex-Windows user
  41. You know, you think you put down an original by bdwoolman · · Score: 1

    twist on something. But then some person points out that someone got there before you. Well, sort of. Ha ha. Thanks for that link. That's funny.

    --
    "No fear. No envy. No meanness." Liam Clancy
  42. Not a bug, but a feature by dcollins117 · · Score: 1

    "The ability to search for a person by phone number is intentional behavior and not a bug in Facebook.

    "It' s not a bug, it's a feature." I've used this excuse many times - it's an indispensable tool for any software developer. After all, sometimes it goes unchallenged, and you get out of doing actual work.

  43. Well... by Anonymous Coward · · Score: 0

    Sorry, posting AC here for a reason...

    I'm not saying it's good or bad (hey, let's start a flamewar!!), but due to the kind of work I do & the circles I swim around, I know of 2 very well-known, high-power attorneys in New York who are already preparing to file against Facebook.

    I'm not saying Facebook is already headed down the MySpace rabbit hole, but Mr. Zuckerberg and Mrs. Sandberg might want to try to get out in front of this.