News:

I hope she gets diverticulitis and all her poop kills her.

Main Menu

Facebook privacy violations!

Started by Triple Zero, January 20, 2010, 11:01:00 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Triple Zero

January 20, 2010, 11:01:00 PM
http://www.schneier.com/blog/archives/2010/01/privacy_violati.html

apparently any facebook employee can click a button, type "possible compromised account" and log in as whatever account they want! :)
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Bu🤠ns

#1
January 21, 2010, 12:27:26 AM
Are there actually any social networking sites that don't have some sort of access to the database like that?

Triple Zero

#2
January 21, 2010, 12:51:11 AM
i don't understand your question. of course social networking sites have access to that database, how would they be a social networking site? i was talking about the employees.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Bu🤠ns

#3
January 21, 2010, 01:00:29 AM
That's what i mean too...I just sort of assume that all the content is accessible by employees in some fashion or other.  Also happens to be why I dont' use them.

Faust

#4
January 21, 2010, 01:07:37 AM
You mean like content moderators?
Sleepless nights at the chateau

Reginald Ret

#5
January 21, 2010, 01:08:12 AM
An ethical social networking site should make private info unaccesible.
Lord Byron: "Those who will not reason, are bigots, those who cannot, are fools, and those who dare not, are slaves."

Nigel saying the wisest words ever uttered: "It's just a suffix."

"The worst forum ever" "The most mediocre forum on the internet" "The dumbest forum on the internet" "The most retarded forum on the internet" "The lamest forum on the internet" "The coolest forum on the internet"

Template

#6
January 21, 2010, 01:41:38 AM
You're saying the procedure for evaluating "possible compromised accounts" has been excessively streamlined, such that any employee can "evaluate" said accounts without need for any other check or balance?

Bu🤠ns

#7
January 21, 2010, 02:04:15 AM
Quote from: Faust on January 21, 2010, 01:07:37 AM
You mean like content moderators?
I suppose so..i mean i just don't feel comfortable with those sites since there's too many middle people between me and my recipient.  If the possibility for PI to be observed is out there, chances are it will probably be abused in some way.

Faust

#8
January 21, 2010, 02:06:00 AM
Quote from: Burns on January 21, 2010, 02:04:15 AM
Quote from: Faust on January 21, 2010, 01:07:37 AM
You mean like content moderators?
I suppose so..i mean i just don't feel comfortable with those sites since there's too many middle people between me and my recipient.  If the possibility for PI to be observed is out there, chances are it will probably be abused in some way.
It was a question, if Administrators can do it ok. But if any of the multitude of content moderators can do this freely I'd be really worried, I've heard of them snooping on their friends/girlfriends/bosses and thats without the ability to log into their accounts.
Sleepless nights at the chateau

Shibboleet The Annihilator

#9
January 21, 2010, 04:36:13 AM
PROTIP: If you have information you consider personal, DO NOT POST IT ON FACEBOOK... OR ANYWHERE ON THE INTERNET!

Triple Zero

#10
January 21, 2010, 02:34:24 PM
Quote from: yhnmzw on January 21, 2010, 01:41:38 AM
You're saying the procedure for evaluating "possible compromised accounts" has been excessively streamlined, such that any employee can "evaluate" said accounts without need for any other check or balance?

I mean, click the link and read the article, then make up your own mind :roll: Look, I'm willing to post a short summary with a link, or sometimes an extract, but if you need your information regurgitated to you, ask someone else.

Quote from: Slanket the Destroyer on January 21, 2010, 04:36:13 AMPROTIP: If you have information you consider personal, DO NOT POST IT ON FACEBOOK... OR ANYWHERE ON THE INTERNET!

Why thank you, Captain Obvious ... Good advice that is completely missing the point, however.

Quote from: Faust on January 21, 2010, 02:06:00 AM
Quote from: Burns on January 21, 2010, 02:04:15 AM
Quote from: Faust on January 21, 2010, 01:07:37 AM
You mean like content moderators?
I suppose so..i mean i just don't feel comfortable with those sites since there's too many middle people between me and my recipient.  If the possibility for PI to be observed is out there, chances are it will probably be abused in some way.
It was a question, if Administrators can do it ok. But if any of the multitude of content moderators can do this freely I'd be really worried, I've heard of them snooping on their friends/girlfriends/bosses and thats without the ability to log into their accounts.

Indeed. And I get from the article the idea that it's not even just content moderators, but just about any "engineer".

And while I applaud the fact that Facebook instantly fires people whenever such abuse is discovered, I'd rather have them fix their protocols so that there can not be any abuse, or at least that the number of trusted* people is as small as possible.

*in security terminology "trusted" is defined as "capable of causing security breach".
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.
Print
Go Up Pages1
User actions