Slashdot Mirror

← Back to Stories (view on slashdot.org)

Facebook Security Keeps a Detailed 'Lookout' List of Threats, Including Users and Former Employees, and Can Track Their Location (cnbc.com)

Posted by msmash on from the closer-look dept.

An anonymous reader shares a report: In early 2018, a Facebook user made a public threat on the social network against one of the company's offices in Europe. Facebook picked up the threat, pulled the user's data and determined he was in the same country as the office he was targeting. The company informed the authorities about the threat and directed its security officers to be on the lookout for the user. "He made a veiled threat that 'Tomorrow everyone is going to pay' or something to that effect," a former Facebook security employee told CNBC. The incident is representative of the steps Facebook takes to keep its offices, executives and employees protected, according to nine former Facebook employees who spoke with CNBC.

The company mines its social network for threatening comments, and in some cases uses its products to track the location of people it believes present a credible threat. Several of the former employees questioned the ethics of Facebook's security strategies, with one of them calling the tactics "very Big Brother-esque." Other former employees argue these security measures are justified by Facebook's reach and the intense emotions it can inspire. The company has 2.7 billion users across its services. That means that if just 0.01 percent of users make a threat, Facebook is still dealing with 270,000 potential security risks.

[...] One of the tools Facebook uses to monitor threats is a "be on lookout" or "BOLO" list, which is updated approximately once a week. The list was created in 2008, an early employee in Facebook's physical security group told CNBC. It now contains hundreds of people, according to four former Facebook security employees who have left the company since 2016. Facebook notifies its security professionals anytime a new person is added to the BOLO list, sending out a report that includes information about the person, such as their name, photo, their general location and a short description of why they were added. In recent years, the security team even had a large monitor that displayed the faces of people on the list, according to a photo CNBC has seen and two people familiar, although Facebook says it no longer operates this monitor.

21 of 51 comments (clear)

  1. You can check out anytime you like by Anonymous Coward · · Score: 4, Insightful

    ,but you can never leave.

  2. Finding the real threats among the noise? by shanen · · Score: 4, Insightful

    On the one hand, I sort of approve of tracking the threats, but on the other hand, who appointed Facebook gawd with the secret inside knowledge of who is and is not a REAL threat that deserves to be tracked?

    Actually, it is quite conceivable to me that Facebook has a high-dimension personality profile of each identity. On that basis they might actually have some real basis to know who is actually dangerous and who is just a noisy fool looking for attention. If that hypothesis is valid, then why doesn't Facebook take the next step of discouraging the noisemakers to make it easier to focus on the actual problems?

    Facebook will NEVER do it because it would require sharing some of the personal information they've collected on us. They'd have to share it WITH us, and heaven forbid that much honesty. It might reduce the value of OUR personal information that Facebook is hoarding.

    Just joking on the theory that Facebook could be more valuable, but it would waste less of my time if the trolls and sock puppets were helped in rendering themselves invisible. (ADSAuPR, atAJG.)

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
    1. Re: Finding the real threats among the noise? by Type44Q · · Score: 1

      Sort of, eh? How decisive.

  3. The Church of Facebook by Zorro · · Score: 3, Funny

    The "Church" of Scientology works the same way.

  4. That's a pretty stupid bad guy. by ITRambo · · Score: 4, Interesting

    I have no idea why anyone that genuinely wanted to do damage would advertise it, unless they really wanted to be stopped first. This seems like a made for TV movie.

    1. Re:That's a pretty stupid bad guy. by b0s0z0ku · · Score: 1

      Marko Ramius -- "I'm gonna steal this multi-billion ruble submarine and sail it into New York Harbor ... just TRY and stop me, Russkies. MUHAHAHAHAHA!"

  5. Abuse of multiplication by sacrilicious · · Score: 4, Interesting

    Other former employees argue these security measures are justified by Facebook's reach and the intense emotions it can inspire. The company has 2.7 billion users across its services. That means that if just 0.01 percent of users make a threat, Facebook is still dealing with 270,000 potential security risks.

    Nonsense.

    There are 6 billion people on this planet. If just 1 in a million of them decides they need to hurt me, I've got six thousand people coming to hurt me. Therefor I need to have a permanent police escort, and patrolling of my house, and wear a bullet proof vest at all times. And there's probably some more.

    --
    - First they ignore you, then they laugh at you, then ???, then profit.
    1. Re:Abuse of multiplication by dshk · · Score: 1

      But you have no 1 million people interacting with you. And by the way, from my experience, while 0.01 percent is a bit high, but only a bit. 0.001 or 0.0001 is a better estimate for serious threats.

    2. Re:Abuse of multiplication by geggam · · Score: 1

      Pretty sure you just used math to prove why there is no real threat from terrorism

    3. Re: Abuse of multiplication by Type44Q · · Score: 1

      You don't need to break out the quantitative logic to demonstrate that; the qualitative kind will suffice.

  6. Make a threat against Facebook by Chris+Mattern · · Score: 4, Insightful

    and they call out all the dogs.

    Make a threat against a Facebook user? Not so much.

  7. Stalkers by Shotgun · · Score: 2

    So, can we all sue Facebook for stalking behavior?

    --
    Aah, change is good. -- Rafiki
    Yeah, but it ain't easy. -- Simba
  8. Re: Who's on first? by Type44Q · · Score: 1

    ... when the Revolution comes?

  9. Meh. by PPH · · Score: 2

    Lots of companies do this. Keep track of disgruntled ex-employees or those who make threats against the company or its personnel. And if the threat begins to look credible, they turn that information over to law enforcement authorities to act on it.

    It's possible that this can be abused. If you have a paranoid member of management or one that uses the system to carry out personal retribution. Usually law enforcement is smart enough to figure out if the threats are groundless or malicious. Problems arise when the "security professionals" who are handed this information are empowered as mini police forces by themselves. There are companies that employ armed personnel who step beyond protection and conduct further investigations or other actions posing as police or FBI agents. Conducting "sneak and peak" searches when they have no legal warrants nor the authority to act on them.

    --
    Have gnu, will travel.
    1. Re:Meh. by JaredOfEuropa · · Score: 1

      Lots of companies do this. Keep track of disgruntled ex-employees or those who make threats against the company or its personnel. And if the threat begins to look credible, they turn that information over to law enforcement authorities to act on it.

      That's not unreasonable. But the potential for abuse is a lot less. Most companies will only have your name, address, SSN, and some additional info in your personnel file. FB however is sneaking and peeking all the time. So Imagine a company that has already built up a social profile about you, knows your sexual preferences, tracks what you buy, where you go and where you are, what sites you visit and what news you read, who your friends are, and what your online aliases are... and you are on that company's shit list. That cannot be a comfortable thought.

      --
      If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
    2. Re:Meh. by PPH · · Score: 1

      FB however is sneaking and peeking all the time.

      I wonder if they are actually entering subjects residences as if they were real live cops executing search warrants. This has been done by others.

      --
      Have gnu, will travel.
  10. Who freely chooses to use Facebook? by shanen · · Score: 2

    Are you trying to claim that the consent was informed? If so, I dismiss you as some sort of Libertarian. If not, then it is possible we have some underlying agreement on at least some aspects of the problem.

    Potentially a distracting topic, but I mostly don't waste time with Libertarian BS these days. Last Libertarian-slanted book was Nudge , which was basically a paean to clever manipulation of the suckers for their own good.

    Though I have basically started avoiding Libertarians in recent years, back when I "encountered" them more frequently I mostly concluded that they didn't have much understanding of what "liberty" or "freedom" mean--even though I admit my own understanding was relatively limited at that time. The first part of my Slashdot sig is dated and font-constrained here, but it captures some of my evolution on the topic. Now I think freedom exists, but it ain't easy.

    On the other side, there seem to be an increasing number of materialists who disavow the idea of human freedom. They see humans as quite limited and easily manipulated machines. Currently reading 21 Lessons for the 21st Century by Yuval Noah Harari, and so far he seems to be taking that position on the issue.

    In answer to the new Subject: question, I was asked by friends to communicate via Facebook. I still hate Facebook as a tool, and just made a kind of resolution to limit my usage of the tool, but it's also "The poor craftsman who blames his tools." But it's also the poor craftsman who doesn't know the differences among tools and who doesn't want the best tool for each job.

    --
    Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
    1. Re:Who freely chooses to use Facebook? by drinkypoo · · Score: 1

      Informed? Not by Faceboot. But by the hundreds of articles on the subject of their ubiquitous tracking, spying, etc. And by "the users" I don't mean only the direct provision of information by users themselves, but also the other users who provide information about other people by uploading pics and tagging them, gossiping about them, and the like. Remaining willfully ignorant is a choice. Not running a script blocker is a choice. Not running a cookie manager is a choice. Choosing a platform which makes those things hard is a choice. Facebook isn't magical, they depend on users acting dumb for their power. They can't wish their way to panopticon, they have to be given that position by countless hordes of the hear no evil, see no evil crowd.

      This stuff is in the news constantly, and on people's lips as well. If people choose to block out information they find troubling, only further trouble follows.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    2. Re:Who freely chooses to use Facebook? by shanen · · Score: 1

      I'm not doubting your evidence, but I still can't figure out your perspective. However, because I suspect you are blaming the victims it makes me think you are trying to frame the discussion from a Libertarian perspective, where it is "normal" to blame the victims because the Libertarians always think that they themselves are just too damn smart to be victimized. There are various responses (mostly related to information imbalances) that I could offer to your analysis, but if your framing of the "problem" is fundamentally "broken", then it would be a waste of time (for both of us).

      Somewhat peripheral, but I think this is a related analysis. Some people are negatively deranged to believe Obama is a Kenyan Muslim Black Panther and Hillary is a super-criminal worse than El Chapo. However it is mostly the SAME people who are positively deranged to believe that Trump is honest and self-made. Maybe your framing is realistic, but you might be leading with your straight cards, like the Obama hater who starts with the "But he was a pothead" attack.

      (P.S. I do not think I am deranged to hate liars--but...)

      --
      Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
    3. Re:Who freely chooses to use Facebook? by drinkypoo · · Score: 1

      I'm actually left of left, including being left of nobel-prize-for-drone-strikes Obama. I don't think Hillary is personally worse than El Chapo, I think Trump is the biggest shitheel around, etc. But I'm also pro personal responsibility where personal responsibility makes sense. The tools are available. I'm equally disgusted with people who don't read their car's owner's manual.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    4. Re:Who freely chooses to use Facebook? by shanen · · Score: 1

      Okay, on that basis I will attempt to respond that it's (once again) a matter of time and prioritization. For example, I have stacks of manuals and supporting information around here, and I even used to read computer language manuals from cover to cover, but my time is limited. As I've grown older I've become more aware of how limited my time is to the point where my second email sig is now "It took me so long to learn patience that now I have no time to be patient!" I just can't RTFM (and all the manuals I've seen for Facebook are strong on the F).

      Even worse, there are bad actors who will deliberately hide crucial information, or bury it in mountains of trivia. There are cases beyond that, as when what seems to be a non-adversarial relationship actually is adversarial, and I think that is largely the situation in Facebook's case. For all of these reasons, I don't think that the victims of Facebook (including yours truly) deserve as much opprobrium and scorn as you want to heap on them.

      One more thing. I really doubt anyone fully understood the evil of Facebook while it was being created. Even Zuckerberg was mostly steering blind, though I think he may have "smelled" the power or the money or something lurking in the area. If I was sure that Zuck was evil, then I'd say he was eager to make a deal with the devil, but based on the books I've read about Facebook, I think he just woke up in bed with the devil, but it was okay with him because he was on the money side of the bed.

      P.S. Your ad hominem stuff about politicians mostly seems justified, though I think you might be a bit nutty if you regard Obama as some sort of leftist. I would say that Obama is weakly principled but was effectively guided by pragmatism, while Hillary's true principles are probably pretty far to the left, though they are completely masked by her indoctrination as a lawyer. In contrast, I would say that Trump is completely unprincipled and delusional. #PresidentTweety may actually believe he's self-made and I definitely think he believes his own lies, at least for the instant in which he is lying. The interesting aspect of Trump is the volition element. He doesn't have any bad will to deceive, because the truth is irrelevant to him. Trump's bad will is to make the "thing" do what he wants. (The sociopathic aspect of Trump's "personality" sees all human beings as "things" to be manipulated.)

      P.P.S. I feel like I was suckered into the Trump topic. I just promised to avoid all things Trump for the next few weeks... It's apparently quite hard to extirpate all things Trump. For example, the name keeps popping up in books published long before he entered politics.

      --
      Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.