Details of 100,000,000 Facebook users aggregated for download…
This week BBC news posted an interesting story:
Personal details of 100m Facebook users have been harvested and published on the net by a security consultant.
Ron Bowles used a piece of code to scan Facebook profiles, collecting data not hidden by the user’s privacy settings.
Time to panic maybe? Well, not perhaps if you keep reading:
The list, which has been shared as a downloadable file, contains the URL of every searchable Facebook user’s profile, their name and unique ID.
Not perhaps so bad then, given the name and URL of every FaceBook user is already available within FaceBook itself – I mean if you are searching for someone, you could go to the FaceBook page, type their name in, then see a list of people with pictures etc, or, you could use this offline data set and just get their URL’s and IDs.
I guess it’s useful if you want to translate a FaceBook id into a name, but for me, this is a bit of a blown-out-of-proportion non-event.
maybe I am missing something?
Leave a Reply
Who?
 | EVP Cyber Product Innovation for Mastercard. Formally the Chief Technology Officer for Intel Secure Home Gateways, CTO for McAfee Enterprise Endpoint, CTO McAfee Innovation team, and Founder/CTO SafeBoot Corp. |
Comments
 | Christopher Burgess on How not to implement smarthome… |
 | Mike on Is Encryption enough? Why just… |
 | Simon Hunt on Is Encryption enough? Why just… |
| Mike on Is Encryption enough? Why just… |
 | Stéphane Pautrel on New S.M.A.R.T Monitor Tool for… |
Simon Says - Musings of a Technology CTO 
Just thinking out loud, but couldn’t this list be used with a few scripts and false profiles to invite people as friends, extract further information as a starting point to a spamming operation?
Also…another blogger has suggested:
– For a lot of cases, you wouldnt need to invite the user as a friend to scrape further data including emails/phone numbers etc
– the url’s may enable you to click through to friends’ profiles (whether they were searchable or not).
I’d say it was quite shocking that noone has done this before, but sad to see the data freely available on the net.
Hey, open a phone book and you’ve got thousands of personal phone numbers along with home addresses, and in some phone books, even the post or zip code. Most of these people never did really agree to have their names and addresses published in a book, they just didn’t want to spend the nearly $50.00 extra per year that the phone company wanted in order to maybe not publish the information. I say maybe because there have been incidents here in London where people paid extra money to the phone company to not be published in the phone book, but were published anyways.