Details of 100 million Facebook users published online

Users' personal information cannot now be made private, security consultant says

thepiratebay.org

Screen capture of Facebook directory download

msnbc.com

updated 7/29/2010 8:59:38 AM ET

Share
Print
Font:
+
-

The personal details of 100 million Facebook users have been collected and published online in a downloadable file, meaning they will
now be unable to make their publicly available information private.

However, Facebook downplayed the issue, saying that no private data had been compromised.

The information was posted by Ron Bowes, an online security consultant, on the Internet site Pirate Bay.

Bowes used code to scan the 500 million Facebook profiles for information not hidden by privacy settings. The resulting file, which allows people to perform searches of various different types, has been
downloaded by several thousand people.

This means that if any of those on the list decide to change their privacy settings on Facebook, Bowes and those who have the file will still be able to access information that was public when it was
compiled.

Bowes’ actions also mean people who had set their privacy settings so their names did not appear in Facebook’s search system can now be found if they were friends with anyone whose name was searchable.

'Scary privacy issue'
On his website, www.skullsecurity.org, Bowes said the results of his code were "spectacular," giving him 171 million names of which were 100 million unique.

"As I thought more about it and talked to other people, I realized that this is a scary privacy issue. I can find the name of pretty much every person on Facebook," he wrote.

"Facebook helpfully informs you that "[a]nyone can opt out of appearing here by changing their Search privacy settings" — but that doesn't help much anymore considering I already have them all (and you
will too, when you download the torrent). Suckers!"

"Once I have the name and URL of a user, I can view, by default, their picture, friends, information about them, and some other details," Bowes added. "If the user has set their privacy higher, at the very
least I can view their name and picture. So, if any searchable user has
friends that are non-searchable, those friends just opted into being
searched, like it or not! Oops :)"

He said he discovered the top first name in the list was Michael, followed by John, David, Chris and Mike. The top surnames were Smith, Johnson, Jones, Williams and Brown.

A privacy expert expressed concern at the implications of Bowes' actions. Simon Davies, of campaign group Privacy International, told the BBC that some Facebook users "did not understand the privacy settings
and this is the result."

"Facebook should have anticipated this attack and put measures in place to prevent it," he told the BBC. "It is inconceivable that a firm with hundreds of engineers couldn't have imagined a trawl of this
magnitude and there's an argument to be heard that Facebook have acted
with negligence."

'A little terrifying'
Some users of Pirate Bay shared his concerns.

"This is awesome and a little terrifying," lusifer69 wrote on the site. And another, Porkster, said: "I don't think this is a hack, but a collection from public domain info that people have shared. The
importance of the info is structuring it and allowing someone to search
or compute the data."

However, jak322 said: "I've got to say, who cares. All the info here is already in the public domain, is not sensitive and as a developer I already have access to what could be deemed personal and private data
through the Facebook API."

In a statement emailed to msnbc.com, Facebook agreed, saying the information on the list was already available online.

"People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want," it said.

"Our responsibility is to respect their wishes. In this case, information that people have agreed to make public was collected by a single researcher. This information already exists in Google, Bing,
other search engines, as well as on Facebook," the statement added.

"No private data is available or has been compromised. Similar to a phone book, this is the information available to enable people to find each other, which is the reason people join Facebook. If someone does not
want to be found, we also offer a number of controls to enable people
not to appear in search on Facebook, in search engines, or share any
information with applications.".

Favorite

0 members favorited this

Comment

You need to be a member of 12160 Social Network to add comments!

Join 12160 Social Network

Comment by Sweettina2 on July 30, 2010 at 4:54pm: Great, thank you Doc! Headed there now.

Comment by Sweettina2 on July 30, 2010 at 3:55pm: Right on fireguy, I feel the same way! Even scripture says that God will take something meant for evil and turn it for good.
I have never been to Echelon, does sound ominous.

Comment by fireguy on July 30, 2010 at 2:30pm: Facebook is a NWO tool but a tool can be used by both good and evil. I will continue to use any device or means of communication to oppose the NWO that I can get my hands on until they shut down the net or cell phones or radio we need to not be afraid of their scare tactics and illegal activities.

ECHELON is way more scary than facebook or google and that has been around for over a decade.

http://en.wikipedia.org/wiki/ECHELON

ECHELON is a name used in global media and in popular culture to describe a signals intelligence (SIGINT) collection and analysis network operated on behalf of the five signatory states to the UK–USA Security Agreement (Australia, Canada, New Zealand, the United Kingdom, and the United States, known as AUSCANZUKUS).[1][2] It has also been described as the only software system which controls the download and dissemination of the intercept of commercial satellite trunk communications.[3]