Results 1 to 13 of 13

Thread: Anger mounts after Facebook's 'shadow profiles' leak in bug

  1. #1
    Senior Member Harlette's Avatar
    Join Date
    Nov 2012
    Location
    Narnia
    Posts
    5,507
    Rep Power
    21474848

    Anger mounts after Facebook's 'shadow profiles' leak in bug

    Friday Facebook announced the fix of a bug it said inadvertently exposed the private information of over six million users when Facebook's previously unknown shadow profiles accidentally merged with user accounts in data history record requests.

    According to Reuters, the data leak spanned a year beginning in 2012.
    facebook shadow profiles

    The personal information leaked by the bug is information that had not been given to Facebook by the users - it is data Facebook has been compiling on its users behind closed doors, without their consent.

    A growing number of Facebook users are furious and demand to know who saw private information they had expressly not given to Facebook.

    Facebook was accidentally combining user's shadow profiles with their Facebook profiles and spitting the merged information out in one big clump to people they 'had some connection to' who downloaded an archive of their account with Facebook's Download Your Information (DYI) tool.

    According to the admissions in its blog, posted late Friday afternoon, Facebook appears to be obtaining users' offsite email address and phone numbers and attempting to match them to other accounts. It appears that the invisible collected information is then being stored in each user's 'shadow profile' that is somehow attached to accounts.

    Users were clearly unaware that offsite data about them was being collected, matched to them, and stored by Facebook.

    Looking at comments on Facebook's blog and community websites such as Hacker News, Facebook users are extremely angry that the phone numbers and email addresses that are not-for-sharing have been gathered and saved (and now accidentally shared) by Facebook.

    Facebook stated in its post yesterday that the bug was resolved, but Facebook users are telling a different story today in the comments.

    One man commented this afternoon, "I just downloaded the "extended backup" and I'm still viewing emails and phone numbers that are NOT PUBLIC!!!!"

    Facebook explained in its post that the bug shared information about a user that had been scraped from a source other than the personal data the user had ever entered into Facebook about themselves.

    The action of the bug is that if a user downloaded their own Facebook history, that user would also download email addresses and phone numbers of their friends that other people had in their address books, without their friends ever knowing Facebook had gathered and stored that information.

    This data is being gathered by Facebook about individuals through their friends' information about them - harvested when a user grants Facebook address book or contact list access.

    Facebook did not specify which app or contact database tool was utilized when collecting and matching offsite-sourced data about users.

    The social network said that it was harvesting and matching the offsite-sourced data to user profiles - creating these shadow profiles - "to better create friend suggestions" for the user.

    Facebook users are deftly reading between the lines. One commenter on Hacker News observed wisely,

    The blog says the fix was made in the DYI tool. That means they would continue to maintain "shadow profiles", but would stop letting others know that FB has a shadow profile on you.

    Facebook's post downplays the significance of the data breach by telling users that while six million accounts were exposed, very few people saw the personal phone and email data because it could only be seen when a user downloaded their Facebook history.

    The social giant assured users their shadow profiles were shared only with Facebook users they were somehow connected to,

    if a person went to download an archive of their Facebook account through our Download Your Information (DYI) tool, they may have been provided with additional email addresses or telephone numbers for their contacts or people with whom they have some connection.

    Facebook did not specify in its post what is meant by "somehow connected to" and comment speculation is attempting to fill in the gaps.

    According to Reuters, who spoke with a Facebook representative, the data was being exposed in this manner for about a year.

    What the revelation means is that Facebook has much more information on us than we know, it may not be accurate, and despite everyone's best efforts to keep Facebook from knowing our phone numbers or work email address, the social network is getting our not-for-sharing numbers and email addresses anyway by stealing them (albeit through 'legitimate' means) from our friends.

    The yearlong gap of exposure as described by Reuters creates a scenario of horrifying possibilities for any woman who has begin to experience harassment, abuse or stalking by an ex within the past year. Or, anyone being maliciously stalked and harassed by a tech-savvy aggressor (or a stalker's Facebook sock puppet) they may have accidentally friended over the past year.

    This could be remedied and harm would be greatly reduced if Facebook addressed and answered the growing demands of its users to know who has seen their non-Facebook private data.

    What it means for me is that even though I've been very careful not to give my phone number to Facebook or the men in my "friends," the guys I've 'friended' might have gotten my phone number anyway, irregardless of my consent. I did not know they may have been able to get my phone number throughout the course of a year, and now I have no way of finding out who might have gotten my phone number.

    I am glad I've never used a Facebook app or allowed Facebook access to my contacts in any way whatsoever. (Yay paranoia.) The private numbers and emails of my friends and colleagues should remain exactly that: private.

    Facebook has officially stated that it does not know of any malicious use derived from the bug.

    This appears to be the first time Facebook has publicly admitted that users' shadow profiles contain more than native data (such as posts or information you deleted but are retained by Facebook) and also contain data that Facebook has harvested.

    Meanwhile, anger continues to rise on the Facebook post, and as of this writing there are no representatives from Facebook in the comments to quell the storm.
    http://www.zdnet.com/anger-mounts-af...ug-7000017167/

  2. #2
    Rational Republican Chauncy's Avatar
    Join Date
    Mar 2007
    Posts
    29,892
    Rep Power
    21469415
    Facebook users say:

    Don't care, im a reality star. Ill give all my info to them as long as i can check in and post status updates about where i am, where i am going and what i am eating.

  3. #3
    Senior Member Sneakers the Wonder Dog's Avatar
    Join Date
    Mar 2013
    Location
    If I told you then I'd have to find a new place to hide
    Posts
    5,614
    Rep Power
    21474848
    And people are whining about the NSA
    http://mydeathspace.com/vb/signaturepics/sigpic83661_1.gif

  4. #4
    Rational Republican Chauncy's Avatar
    Join Date
    Mar 2007
    Posts
    29,892
    Rep Power
    21469415
    Quote Originally Posted by Sneakers the Wonder Dog View Post
    And people are whining about the NSA

    Great point. Also they are whining about them on FACEBOOK!!!!!!!!

  5. #5
    Senior Member Sneakers the Wonder Dog's Avatar
    Join Date
    Mar 2013
    Location
    If I told you then I'd have to find a new place to hide
    Posts
    5,614
    Rep Power
    21474848
    Quote Originally Posted by Chauncy View Post
    Great point. Also they are whining about them on FACEBOOK!!!!!!!!
    Boggles the mind.
    http://mydeathspace.com/vb/signaturepics/sigpic83661_1.gif

  6. #6
    Senior Member sarabei's Avatar
    Join Date
    Mar 2007
    Posts
    5,024
    Rep Power
    16097341
    Dayum!!!

  7. #7
    NOT SAME CAT Fleta's Avatar
    Join Date
    Jul 2006
    Location
    Portland, OR
    Posts
    6,319
    Rep Power
    21474856
    Irregardless.

  8. #8
    Moderator bowieluva's Avatar
    Join Date
    Mar 2007
    Posts
    65,551
    Rep Power
    21474914
    If you're dumb enough to plan your revolution, sexual indiscretion, or crime on Facebook, you pretty much deserve to be caught.

  9. #9
    Senior Member Sneakers the Wonder Dog's Avatar
    Join Date
    Mar 2013
    Location
    If I told you then I'd have to find a new place to hide
    Posts
    5,614
    Rep Power
    21474848


    http://mydeathspace.com/vb/signaturepics/sigpic83661_1.gif

  10. #10
    Senior Member blighted star's Avatar
    Join Date
    Jan 2013
    Location
    Probably South Of You
    Posts
    11,280
    Rep Power
    21474854
    Quote Originally Posted by Sneakers the Wonder Dog View Post


    Quick! Hadn't you better say yes?

  11. #11
    Senior Member
    Join Date
    Feb 2013
    Location
    polishing my crystal ball
    Posts
    1,683
    Rep Power
    0
    Your supermarket discount cards are "collecting information".

  12. #12
    fun hater Shins's Avatar
    Join Date
    Nov 2012
    Location
    Detroit
    Posts
    13,591
    Rep Power
    21474856
    If you're not doing anything illegal or heinous, then there's no reason to give a shit if you're being tracked. You should assume you already are, given the power of the internet, and the way governments and banks run the world these days.

    Humans are their worst enemies... they want to control the planet, but they want their own lives to be perfectly confidential. What a crock.
    Quote Originally Posted by bowieluva View Post
    Listen, if no one cares when a crazy noodle walks in and executes children with a gun, no one cares about anything.

  13. #13
    Senior Member Sneakers the Wonder Dog's Avatar
    Join Date
    Mar 2013
    Location
    If I told you then I'd have to find a new place to hide
    Posts
    5,614
    Rep Power
    21474848
    Quote Originally Posted by Shins View Post
    If you're not doing anything illegal or heinous, then there's no reason to give a shit if you're being tracked. You should assume you already are, given the power of the internet, and the way governments and banks run the world these days.

    Humans are their worst enemies... they want to control the planet, but they want their own lives to be perfectly confidential. What a crock.
    Bingo!
    http://mydeathspace.com/vb/signaturepics/sigpic83661_1.gif

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •