Facebook 'Stalker' Tool Uses Graph Search For Data Mining

← Back to Stories (view on slashdot.org)

Facebook 'Stalker' Tool Uses Graph Search For Data Mining

Posted by Soulskill on Friday October 18, 2013 @01:37AM from the at-least-somebody-finds-it-useful dept.

angry tapir writes "Mining small details from Facebook has become even easier with Graph Search, the site's new search engine that returns personalized results from natural-language queries. Graph Search granularly mines Facebook's vast user data: where people have visited, what they like and if they share those same preferences with their friends. 'FBStalker' is a Python script debuted at the Hack in the Box security conference in Kuala Lumpur. In its current form, FBStalker runs in the Chrome browser on OS X, entering queries into Facebook's Graph Search and pulling data. Even if a person's profile is locked down to strangers, their friends' open profiles can be examined, giving an indication, for example, who the person may be close with. FBStalker uses Graph Search to find photos in which two people are tagged in, comments on profiles and more."

22 of 38 comments (clear)

Min score:

Reason:

Sort:

isn't this like the n:th bot for querying it? by gl4ss · 2013-10-18 01:46 · Score: 2

I mean seriously how many times can you flog the subject.

--
world was created 5 seconds before this post as it is.
1. Re:isn't this like the n:th bot for querying it? by Anonymous Coward · 2013-10-18 02:07 · Score: 1
  
  Oh, if only FB were a dead horse.
Spear phishing by schneidafunk · 2013-10-18 01:49 · Score: 1

So based on the article, the lesson learned is do not give your tech-novice wife a computer with your passwords on it.

--
Some people die at 25 and aren't buried until 75. -Benjamin Franklin
1. Re:Spear phishing by barlevg · 2013-10-18 02:17 · Score: 4, Insightful
  
  Probably should take computers away from your tech-novice parents, grandparents, children and cats as well (though why you gave your cat a computer in the first place is beyond me). The point of the article is not that spear phishing is new, it's that Graph Search makes it much easier to find a squishy target for your spear.
2. Re:Spear phishing by schneidafunk · 2013-10-18 02:25 · Score: 1
  
  Meh, this is a targeted attack on a "high-profile public figure". Google or his garbage would probably turn up the same result. Granted, it sounds like their approach was the easiest.
  
  --
  Some people die at 25 and aren't buried until 75. -Benjamin Franklin
3. Re:Spear phishing by just_another_sean · 2013-10-18 04:37 · Score: 1
  
  (though why you gave your cat a computer in the first place is beyond me)
  Cause it's just so damn cute!
  
  --
  Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
It's a trap! by koan · 2013-10-18 02:05 · Score: 1

I've noticed one news site that only allows log in via "verified" Facebook accounts, if you really care about topics like privacy, security, then you would close your Facebook account.

--
"If any question why we died, Tell them because our fathers lied."
1. Re:It's a trap! by Registered+Coward+v2 · 2013-10-18 02:31 · Score: 1
  
  I've noticed one news site that only allows log in via "verified" Facebook accounts, if you really care about topics like privacy, security, then you would close your Facebook account.
  Why? Attila T. Hun has always liked a bit of notoriety and FB just expands its reach.
  
  --
  I'm a consultant - I convert gibberish into cash-flow.
Re:Runs only in Chrome on OSX by Anonymous Coward · 2013-10-18 02:22 · Score: 1

It's python. Why can't it be written platform agnostic?
I'm sure it can. But it's always better to focus on one platform when trying to meet a deadline, especially for a demo at an international event.
Has a friend posted a picture of you? by Anonymous Coward · 2013-10-18 02:45 · Score: 3, Insightful

If any friends took a snapshot of you and tagged you with your name, you're in the Matrix.
Re:What if one has no FB ? by Anonymous Coward · 2013-10-18 02:55 · Score: 2, Informative

Yes it's called a shadow profile I believe. They collect information about you based on your friends posts and they store it for when you're finally ready to sign up for their great service! http://www.digitaltrends.com/social-media/what-exactly-is-a-facebook-shadow-profile/
Just goes to show you by Anonymous Coward · 2013-10-18 03:08 · Score: 1

Facebook's "privacy controls" are nothing of the sort because they do not allow you control of your information when that information is found on other people's profiles. Kind of a microcosm of the government's third party doctrine if you ask me.
1. Re:Just goes to show you by Anonymous Coward · 2013-10-18 03:15 · Score: 1
  
  they do not allow you control of your information when that information is found on other people's profiles
  By definition, if it's on someone else's profile then it's not your information, even it if is about you. Go bitch at the person who put it up there if you have a problem with it.
2. Re:Just goes to show you by gl4ss · 2013-10-18 03:46 · Score: 1
  
  how could it? this isn't some world-wide-uk where everyone is celebs and have legal means to shutdown everyone talking about them.
  if you don't want to be mentioned anywhere don't be friends with anyone. don't ever go anywhere.
  even then though probably someone would talk about you as the creepy guy who never goes anywhere.
  as to the presentation.. the guy could have saved everyones time and just linked to facebooks graph search pr.
  
  --
  world was created 5 seconds before this post as it is.
Re:What if one has no FB ? by Anonymous Coward · 2013-10-18 03:15 · Score: 1

It's called "Discovery" and goes hand in hand with a Lawsuit and Lawyer against Facebook.
Re:What if one has no FB ? by cjjjer · 2013-10-18 03:17 · Score: 1

Google also does this with your account profile information by scraping other social sites. I know this for a fact because other than my username I have never (nor had a reason to) view / edit my account profile. With the latest use your Google+ image / Name in ads uprising I checked out my account profile and was shocked that it had all the info from my LinkedIn profile as well info from my twitter account populated.

FYI: The only service I use from Google is mail and I have never used service interoperability between any social account and Google.
Re:What if one has no FB ? by gl4ss · 2013-10-18 03:43 · Score: 3, Informative

If I remember well, I had to optout of some new google feature, 3-4 years ago or so, related to what is g+ now.
Maybe you didn't.
google has pushed g+ a lot.
if you're not on g+, then there's a lot of ways you can join by one clicking by accident. iirc gtalk was turned into g+ too. if you have a youtube account then you're on g+ now("upgrade account" click).
if you're not seeing g+ spam on gdrive and gmail then you might want to check again if you already have a g+ account.

--
world was created 5 seconds before this post as it is.
a bit from the article that caught my eye by way2trivial · 2013-10-18 04:03 · Score: 2

""It's basically not feasible for a human to go to the depths that FBStalker script does," he said."
Pfft-- I beg to differ...

--
every day http://en.wikipedia.org/wiki/Special:Random
Already said... by just_another_sean · 2013-10-18 04:34 · Score: 3, Insightful

Already said a million times or more but *this* is why I am not on Facebook.
Oh wait, I probably am and just don't know it thanks to my "friends". So I guess what I should have said is "this is why I hate Facebook"!

--
Creationist Textbook Stickers Declared Unconstitutional by CowboyNeal
1. Re:Already said... by isorox · 2013-10-18 06:45 · Score: 1
  
  Already said a million times or more but *this* is why I am not on Facebook.
  Oh wait, I probably am and just don't know it thanks to my "friends". So I guess what I should have said is "this is why I hate Facebook"!
  Precisely, you're probably better being on facebook with a locked down profile that you never add, perhaps with some fake photos, than you are ignoring it completely.
  Or you can go with the herd. In nature a lone deer is often killed, while the herd remains safe. Are you sure you're a wolf?
2. Re:Already said... by antdude · 2013-10-18 12:50 · Score: 1
  
  Yeah, that's scary. I registered for a brand new account. Facebook only has my e-mail address and name, but they already had connections to people I know. How the heck? I wished I could know more how it has connections to others. Did people name me? I asked people through other communication means, and they said no. WTF? With my fake accounts, I do not see anyone. It's scary! :(
  
  --
  Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
Re:What if one has no FB ? by flimflammer · 2013-10-18 04:59 · Score: 1

if you have a youtube account then you're on g+ now("upgrade account" click).
Not me. I've been very proactive about avoiding G+ (not on privacy grounds primarily but because I have no interest in having pointless social network profiles floating around). My youtube account isn't associated with a G+ account at all.
Maybe it's because my Google account is essentially tied to their domain services and I have all G+ stuff disabled on their dashboard. Trying to go to G+ at all presents me with a nice "Google+ is not available for your organization" message.