Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook's Graph Search: Kiss Your Privacy Goodbye

Posted by timothy on from the no-longer-in-relationship-with-privacy dept.

Nerval's Lobster writes "Software developer Jeff Cogswell is back with an extensive under-the-hood breakdown of Facebook's Graph Search, trying to see if peoples' privacy concerns about the social network's search engine are entirely justified. His conclusion? 'Some of the news articles I've read talk about how Graph Search will start small and slowly grow as it accumulates more information. This is wrong—Graph Search has been accumulating information since the day Facebook opened and the first connections were made in the internal graph structure,' he writes. 'People were nervous about Google storing their history, but it pales in comparison to the information Facebook already has on you, me, and roughly a billion other people.' There's much more at the link, including a handy breakdown of graph theory."

8 of 245 comments (clear)

  1. Re:Yeah, right by game+kid · · Score: 5, Informative

    As soon as you saw (not clicked!) the Like button, for that matter.

    --
    You can hold down the "B" button for continuous firing.
  2. Re:Yeah, right by Seumas · · Score: 5, Informative

    Exactly.

    My use of facebook is as follows:

    Register account, to keep someone else from using my name (it happens, I've had internet stalkers for over a decade that have done things like register domains, show up at my door, etc).

    Disable everything that it's possible to disable. Set to notify me by email of private messages, just in case. Disable ability to tag me in photos, post on my wall, etc, etc.

    Put up a user photo on account that says "I DO NOT USE FB. SEND ME AN EMAIL AT >email addy".

    Never touch Facebook again.

  3. Do not enter your real name on a social network. by Zombie+Ryushu · · Score: 5, Informative

    Do not enter your real name on a social network, use a Psuedonym, call yourself something else like you would on IRC, AIM, YIM, etc. Only friend people who you know on their Psuedonym. People. Quit. Putting. Your. Real. Name. On. Accounts.

  4. Re:Garbage in, garbage out by icebike · · Score: 5, Informative

    I have been peppering my FB check-ins with places that I have been to, noting events that never took place, mixed in with real check-ins. I have set my "Lives in" city to somewhere different every day this year. Unless you know me, good luck figuring out what on my FB page is real and what isn't.

    The thing about Graph search, is your friends know you, and they, (presumably), are not engaged in such useless attempts at deception. So regardless of what YOU say or do, Facebook will not be fooled. They will know exactly who you are and where you are, just by mining your friends, your IP address, etc. (I mean, seriously, you can't have imagined this would really work, did you)?

    Even if you never signed up for facebook, you are likely already in their database.

    --
    Sig Battery depleted. Reverting to safe mode.
  5. Re:I actually doubt FB can tell who I am. by icebike · · Score: 4, Informative

    Too bad. They know exactly who you really are, and your current, (and probably all past) addresses. Your spouse and family log in from the same public facing IP addresses, you all visit the same restaurants together with your portable devices. Your friends have your pictures, and facial recognition will peg you.

    You are fooling no one but yourself.

    --
    Sig Battery depleted. Reverting to safe mode.
  6. Re:Yeah, right by Bill,+Shooter+of+Bul · · Score: 4, Informative

    Yeah, as much info I have in there is fake, I can't convince my friends who grew up with facebook in college to fake everything. They know things, I show up in pictures, I get invited to events, ect. The fake stuff makes it more difficult, but not impossible. Its like a single DES encryption. Just really there to deter those with out the motivation to crack.

    --
    Well.. maybe. Or Maybe not. But Definitely not sort of.
  7. Re:I actually doubt FB can tell who I am. by roscocoltran · · Score: 4, Informative

    Check how unique your browser is:
    http://panopticlick.eff.org/
    This will show you that logged in FB or not, your browser signs your unique presence for you. No really, you don't even need to have an account on FB to be known by FB. Now add the data collected by other sites and I'm quite sure that FB could automatically fill in your first name field and last name field for you during the account creation.

  8. Re:Yeah, right by DarkOx · · Score: 4, Informative

    Not its not an awesome method.

    You're right it does not support wildcards so putting www.facebook.com in there does nothing top stop, the java script on every other site out there from posting to trackyourass.facebook.com

    I makes things point to a resource that won't answer so unless you take additional steps like running a httpd that will generate a 404, so it can make things dirt slow.

    Lots of pages are designed (badly) and need images to exist or the layout breaks, or is messed up otherwise.

    So no your hosts file is not an awesome method. A proxy like privoxy for example though there are other good ones starts to come closer to something that might be a decent solution. It could at least serve dummy images, use regular expressions to strip posts, and gets inside iframes to .*facebook.(com|net); .*fbcdn.com and others. etc.

    Really people STOP using your hosts file. Its like the worst possible answer.

    --
    Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html