or Connect
AppleInsider › Forums › General › General Discussion › Facebook bug exposes personal information of 6M users
New Posts  All Forums:Forum Nav:

Facebook bug exposes personal information of 6M users

post #1 of 24
Thread Starter 
A Facebook security bug that has been in existence since last year was discovered this week, but only after the contact information of six million users had been exposed.

Facebook


Facebook acknowledged the bug's existence in a blog post on Friday, saying the error has existed on its servers since last year and has so far affected six million accounts, reports TechCrunch.

The bug, found by independent researchers through the company's White Hat program, exposes the personal contact information of certain accounts. According to the report, email addresses and phone numbers could be viewed by people who had "had some contact information about that person or some connection to them."

According to the company, the bug relates to the social network's friend discovery process.

When people upload their contact lists or address books to Facebook, we try to match that data with the contact information of other people on Facebook in order to generate friend recommendations. For example, we don?t want to recommend that people invite contacts to join Facebook if those contacts are already on Facebook; instead, we want to recommend that they invite those contacts to be their friends on Facebook.
The bug caused some of the data used to connect with friends to be stored alongside a person's contact information. By using the Download Your Information tool, people were granted access to a user's private email addresses and phone numbers that would otherwise be hidden.

The DYI tool has since been deactivated as Facebook flushes the bug from its system.
post #2 of 24
Way to go FB !
How anybody can trust these people with any info is beyond me.

I dunno, the whole idea of being a "friend" in the cyber sense is a little weird. 1biggrin.gif
post #3 of 24
Facebook Privacy, an oxymoron if ever there was one.
post #4 of 24
No one should be allowed to upload their contacts. Did they ask those contacts if they wanted their address and phone numbers sent to FaceBook?
post #5 of 24
"as Facebook flushes the bug from its system" haha. Something tells me that in the future there will be more and more of these "bugs", planted by private individuals, the government or Facebook itself. I'm on the verge of dumping this FB once I find a better way to stay in touch with friends abroad (probably just email). I only use FB it to reply to messages that were sent to me, which is very rare, given that they are mining all of my data.

BTW does anyone else think that FB has one of the worst designs for a website? Ads are a given, but having a "home" page and a "profile" page with redundant elements and a clunky UI, it's garbage. How does an awkward, nerd like Zuckerberg sell himself on being a social wizard? Can't wait to see this fad die, its just a matter of time.
post #6 of 24

Every company with a medium to larger user base has had security holes uncovered, from Facebook to Microsoft to Apple to Google to Amazon to credit companies to banks.

 

It's a fact of life, unless one abstains from participating in anything online.

post #7 of 24
Quote:
Originally Posted by StruckPaper View Post

Every company with a medium to larger user base has had security holes uncovered, from Facebook to Microsoft to Apple to Google to Amazon to credit companies to banks.

 

It's a fact of life, unless one abstains from participating in anything online.

 

True, but for what it's worth, not every company profits equally by collecting, storing long-term, analyzing and selling the data. That's bread-and-butter for Facebook and Google, while Apple collects much less data, and stores even less. I agree--worry about ALL companies. Just not equally.

 

Disclaimer: I loathe Facebook. NO I don't want to join your little social game! Bad friend!

post #8 of 24
It's really simple. Fine these companies such a huge amount every time they leak information, hack or bug. Once or twice being fined it should stop.
post #9 of 24
Quote:
Originally Posted by nagromme View Post

 

Disclaimer: I loathe Facebook. NO I don't want to join your little social game! Bad friend!

 

Sending me a game request puts that "friend" on the fast track to being "unfriended."

post #10 of 24
Quote:
Originally Posted by Radjin View Post

It's really simple. Fine these companies such a huge amount every time they leak information, hack or bug. Once or twice being fined it should stop.

Can't fine for hacks. Fining for bugs would work, though.

Originally Posted by asdasd

This is Appleinsider. It's all there for you but we can't do it for you.
Reply

Originally Posted by asdasd

This is Appleinsider. It's all there for you but we can't do it for you.
Reply
post #11 of 24

Originally Posted by Radjin View Post

No one should be allowed to upload their contacts. Did they ask those contacts if they wanted their address and phone numbers sent to FaceBook?

 

YES!  This is the problem with today's careless society.  It wasn't long ago when you would never have to be concerned with your friends giving your personal information to various corporations, because they would just never dream of it.  Now it's the ugly norm.  People are only concerned with their convenience, and you have to constantly remind people if you don't want to be in some third-pary corporate storehouse of personal data, and even still, some people can't get it through their thick skulls. :-(

 

The only way to manage this is to ask your friends to NOT put your information into their electronic databases, period.  There's just no other way to manage it. Yes, it's inconvenient for them, but it's my information, so tough shit!

No Matte == No Sale :-(
Reply
No Matte == No Sale :-(
Reply
post #12 of 24
Quote:
Originally Posted by Radjin View Post

It's really simple. Fine these companies such a huge amount every time they leak information, hack or bug. Once or twice being fined it should stop.

 

I'd like to think it was that simple, but the truth is, just having all this data in massive online storehouses makes it nearly impossible to be 100% secure.  Software is complex, and there are many layers for bugs to creep in.

 

Not that I'm opposed to imposing huge fines, I think that would help.  It's just not going to solve the problem entirely.  Mostly, the problem is social.  People think it's okay to send OTHER people's information around on the internet, and that's just flat out wrong.

No Matte == No Sale :-(
Reply
No Matte == No Sale :-(
Reply
post #13 of 24
Quote:
Originally Posted by Blah64 View Post

YES!  This is the problem with today's careless society.  It wasn't long ago when you would never have to be concerned with your friends giving your personal information to various corporations, because they would just never dream of it.  Now it's the ugly norm.

Heck, I was raised to NEVER give out any personal information, not even a real name, to anyone online! That's how suitable people were raised on the Internet.

"Ugly norm" isn't bad... I'll try to think of something more fiendish and descriptive...

Originally Posted by asdasd

This is Appleinsider. It's all there for you but we can't do it for you.
Reply

Originally Posted by asdasd

This is Appleinsider. It's all there for you but we can't do it for you.
Reply
post #14 of 24
Quote:
Originally Posted by Nick29 View Post

I'm on the verge of dumping this FB... Can't wait to see this fad die, its just a matter of time.

 

perhaps these 7 more reasons will help you clear The Verge and have this fad be dead:

 

http://www.forbes.com/sites/timmaurer/2013/06/20/7-reasons-i-dumped-facebook/

post #15 of 24

My Facebook account is a non de plume and I like it that way.  No real personal info is used.  My friends know who I am and get the little play on words in my name.  Technically this violates FB rules, but really, who cares?  Oh geez I broke the rules at Facebook.  I'm such a criminal.

post #16 of 24

Possibly the least flabbergasting thing I've seen all week.

post #17 of 24
Quote:
Originally Posted by Nick29 View Post

"as Facebook flushes the bug from its system" haha. Something tells me that in the future there will be more and more of these "bugs", planted by private individuals, the government or Facebook itself. I'm on the verge of dumping this FB once I find a better way to stay in touch with friends abroad (probably just email). I only use FB it to reply to messages that were sent to me, which is very rare, given that they are mining all of my data.

BTW does anyone else think that FB has one of the worst designs for a website? Ads are a given, but having a "home" page and a "profile" page with redundant elements and a clunky UI, it's garbage. How does an awkward, nerd like Zuckerberg sell himself on being a social wizard? Can't wait to see this fad die, its just a matter of time.

Mail works best for me as well. To me, there's nothing social about the medium. People hang out their laundry, doesn't matter if it's dirty. It's mostly: "look what I bought" kinda posts.

And their website is indeed awful. Can't even upload a picture through an URL.
Quote:
Originally Posted by WelshDog View Post

My Facebook account is a non de plume and I like it that way.  No real personal info is used.  My friends know who I am and get the little play on words in my name.  Technically this violates FB rules, but really, who cares?  Oh geez I broke the rules at Facebook.  I'm such a criminal.

Lol. Mark is the real criminal here:
http://www.guardian.co.uk/technology/2012/may/18/mark-zuckerberg-facebook
http://www.businessinsider.com/how-mark-zuckerberg-hacked-into-the-harvard-crimson-2010-3

A rare insight into his teenage mind came to light in 2010, when the Business Insider website published a series of instant messaging conversations between Zuckerberg and his Harvard college friends in 2004. The correspondence is notable both because it exposed a steely ambition but also because Zuckerberg's machine-gun-fire missives were remarkably close to his unusually flat way of speaking.

Zuckerberg appeared to confirm in one message that he secretly hacked into the website of the Harvard University newspaper, the Crimson, by guessing the emails and passwords of two people in the college database.

"So I want to read what they said about me before the article came out and after I complained," he told one friend. "So I'm just like trying the email/passwords of everyone who put that they're in the Crimson. I wonder if the school tracks stuff like that."

In another message, Zuckerberg joked that 4,000 people had submitted emails, pictures and addresses to his budding Harvard social network. "People just submitted it ... I don't know why ... They 'trust me' ... dumb fucks."
"See her this weekend. You hit it off, come Turkey Day, maybe you can stuff her."
- Roger Sterling
Reply
"See her this weekend. You hit it off, come Turkey Day, maybe you can stuff her."
- Roger Sterling
Reply
post #18 of 24
Mark Suckerdick had one good idea, have a site that women can chat over and men can see if women are single, from that point on its been one bad idea and design after another. Every time they try to do something to the (initially poorly designed) site, it gets worse and less usable. Now it's just a privacy nightmare that grasses you up about everything you do and say.
post #19 of 24
I rejoined FB recently just to see if it had changed much. The first thing it asked was could it access my Contacts? ... I said no (fracking way). I also have Little Snitch on 24/7 so I am reasonably confident I am ok but anyone who click 'yes' to that initial question seems to have nothing to complain about IMHO ... 'stupid is as stupid does' ...

BTW I still don't quite see the point of it. If I want to show my friends and family pictures I use my Aperture / Photo Stream if I want to write to them I use email ...
Edited by digitalclips - 6/22/13 at 7:36am
Use duckduckgo.com with Safari, not Google Search
Been using Apples since 1978 and Macs since 1984
Long on AAPL so biased. Strong advocate for separation of technology and politics on AI.
Reply
Use duckduckgo.com with Safari, not Google Search
Been using Apples since 1978 and Macs since 1984
Long on AAPL so biased. Strong advocate for separation of technology and politics on AI.
Reply
post #20 of 24

This is terrible! I'm praying for all the victims! /s

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #21 of 24
Quote:
Originally Posted by PhilBoogie View Post

Zuckerberg appeared to confirm in one message that he secretly hacked into the website of the Harvard University newspaper, the Crimson, by guessing the emails and passwords of two people in the college database.

"So I want to read what they said about me before the article came out and after I complained," he told one friend. "So I'm just like trying the email/passwords of everyone who put that they're in the Crimson. I wonder if the school tracks stuff like that."

In another message, Zuckerberg joked that 4,000 people had submitted emails, pictures and addresses to his budding Harvard social network. "People just submitted it ... I don't know why ... They 'trust me' ... dumb fucks."

 

It's my opinion that Zuckerberg is a kind of intelligent sociopath. Not quite immoral, but believes "the rest of us" are stupid and deserve to be exploited. Social norms and human relations are just another challenge for him to hack.

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply

"Apple should pull the plug on the iPhone."

John C. Dvorak, 2007
Reply
post #22 of 24

One more reason to be glad that I logged out and haven't so much as looked at Facebook in over 18 months...

 

Removed all my 'personal' data (what little there was), photos, history, messages, the works. Reduced it to a 'generic' account for all intents and purposes, and 'deactivated' it (notable that FB doesn't allow you to DELETE your account).

 

And just walked away… I still stay connected with all the real friends I had there… I don't need FB for that. So nothing lost except one less channel of opportunity for privacy issues to crop up.

post #23 of 24
Quote:
Originally Posted by tribalogical View Post

(notable that FB doesn't allow you to DELETE your account).

Make up a fake death certificate for yourself; they'll let you delete it.

Originally Posted by asdasd

This is Appleinsider. It's all there for you but we can't do it for you.
Reply

Originally Posted by asdasd

This is Appleinsider. It's all there for you but we can't do it for you.
Reply
post #24 of 24
Quote:

Originally Posted by tribalogical View Post

 

re: (notable that FB doesn't allow you to DELETE your account).

 

NOT TRUE!

 

here's how to DELETE (not just re-activate) your FB account from multiple sources (just google for "delete facebook account" :D):

 

https://www.facebook.com/help/224562897555674

 

https://ssl.facebook.com/help/contact.php?show_form=delete_account

 

http://deletefacebook.com/

 

http://www.wikihow.com/Permanently-Delete-a-Facebook-Account

New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Discussion
AppleInsider › Forums › General › General Discussion › Facebook bug exposes personal information of 6M users