The problem with security is that people have to understand before they can be secure. So what happens when Facebook provides better security measures, and yet people fail to use them?
100 million Facebook pages get scraped and hosted on a torrent site.
According to Thinq, the files (scraped by a man named Ron Bowes of Skull Security) contain the personal data includes the given names and URL of each user. Of course someone looking at that information can then glean a wealth of other items such as the ability to click through to that user’s friends, even if those profiles are non-searchable.
The interesting part? None of this is illegal.
Because the information is publicly available, all that Bowes did was wrap it up into a single, neat package. The question that arises, of course, is what will be learned from it. Will this be a case-in-point lesson about security for users, or will Facebook once again come under fire? The fact is, Facebook provided the ability to secure a user’s page…but you can only lead a horse to water.
Yikes, I hope this is a lesson learned for both Facebook and the users who left their accounts public.
I donno. You can’t assume everybody is going to be savvy enough to be able to properly secure their accounts. Offices don’t assume that, it’s why they have admins who set up everyone’s computer and software usually. If Facebook cared about this issue significantly, they would have made sure that the default privacy settings would be secure enough to not have this happen. Clearly it wasn’t all that important to them…
Of course, it’s not that important to me either. So someone can see my facebook? Congrats. You now have a wealth of useless information in a sea of useless information. The only real useful thing on there is my birthday, which is in the hall of public records somewhere. Though for those who were posting their SSN on facebook, you may have bigger problems.
SkullSecurity is down…
Lucky I signed their feed few months ago ;-)