Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Open Source Utilities For Facebook Privacy

CmdrTaco posted more than 4 years ago | from the can-you-see-me-now dept.

Privacy 154

dward90 writes "Two online projects will scan and edit Facebook privacy settings for maximum protection: ReclaimPrivacy (reclaimprivacy.org) and SaveFace (untangle.com). The article says: 'Several new applications have launched this week that are designed to easily reset a Facebook member's privacy settings, following new changes from the company that make a sizable chunk of profile content public by default when it was once kept under lock and key.'"

cancel ×

154 comments

Sorry! There are no comments related to the filter you selected.

Is It Just Me ... (4, Interesting)

WrongSizeGlass (838941) | more than 4 years ago | (#32254712)

... or is it just a bad idea to be able to change privacy settings via Facebook's API? Couldn't some other site/service "open the flood gates" instead of locking them down?

Re:Is It Just Me ... (2, Insightful)

Anonymous Coward | more than 4 years ago | (#32254858)

Just about everything about Web 2.0 sites is a bad idea.

The privacy problems are well known.

The general stupidity of the users is well known (and often exploited by both the sites themselves and others).

The technology the sites use is often shitty (NoSQL, mainly).

Web 2.0 sites are about doing things as wrong as possible, but becoming popular thanks to the stupidity of people as a whole.

Re:Is It Just Me ... (1)

K. S. Kyosuke (729550) | more than 4 years ago | (#32255058)

What is so wrong with not using SQL? Even if you do use relational databases, SQL as such should have been replaced by a proper relational query language ages ago.

Re:Is It Just Me ... (2, Informative)

Anonymous Coward | more than 4 years ago | (#32255472)

Is that a serious question?

Relational databases can do anything and everything that any NoSQL "database" can do. But unlike NoSQL "databases", relational databases don't go randomly losing data, don't go corrupting data, allow for proper normalization, allow for much better performance, allow for transactions, and in general are always a much better idea.

The only reasons people gravitate to NoSQL databases and architectures are:
1) They're ignorant of how to properly use a relational database.
2) They're doing it just because it's the "cool" or "trendy" thing to do.

The fact that SQL hasn't been replaced in 40 years shows that it's working okay for most people, even if it isn't perfect.

Re:Is It Just Me ... (1)

MoralHazard (447833) | more than 4 years ago | (#32256080)

In other news, YHBT. HAND.

Re:Is It Just Me ... (2, Insightful)

icebraining (1313345) | more than 4 years ago | (#32255344)

The technology the sites use is often shitty

Says the guy posting in a site written in Perl.

Re:Is It Just Me ... (3, Informative)

0100010001010011 (652467) | more than 4 years ago | (#32254964)

You can't. And neither of these tools do.

You have to drag them from their website to your toolbar. Go to facebook, click on them. The javascript scrapes the website and either validates the settings (reclaim) or just sets everything to 'friends only' (save face).

I've tested both and they seem to work just fine.

I bet facebook releases a change in the html to break the scraper soon though.

Re:Is It Just Me ... (1)

commodore64_love (1445365) | more than 4 years ago | (#32255030)

RECLAIM doesn't seem to work. It tells me I have vulnerabilities, but when I click "fix" it doesn't fix the problems.

SAVEFACE - I'm not sure. It does something, but whether or not it actually worked is a mystery.

Re:Is It Just Me ... (0)

Anonymous Coward | more than 4 years ago | (#32255098)

RECLAIM doesn't seem to work. It tells me I have vulnerabilities, but when I click "fix" it doesn't fix the problems.

You're vulnerability is using Facebook. To "fix" this you need to delete your account.

Re:Is It Just Me ... (1)

eleuthero (812560) | more than 4 years ago | (#32255282)

...except that they wont actually delete your account without running through a massive number of hoops - one site [stevenmansour.com] and another [nytimes.com] among several that pop up with a "delete facebook" search on google

Re:Is It Just Me ... (2, Informative)

Pvt_Ryan (1102363) | more than 4 years ago | (#32255100)

I ran them in the following order:

reclaim
saveface
reclaim

on the 2nd run recalim reported everything as "good"

Re:Is It Just Me ... (2, Informative)

commodore64_love (1445365) | more than 4 years ago | (#32255166)

Ditto. It appears reclaim didn't really change my settings (hence why it still showed red). Saveface did all the work.

Re:Is It Just Me ... (1)

bill_mcgonigle (4333) | more than 4 years ago | (#32255912)

RECLAIM doesn't seem to work. It tells me I have vulnerabilities, but when I click "fix" it doesn't fix the problems.

Same here. The underlined link did bring up the right page and I unchecked the right boxes. Then it verified the change correctly.

Re:Is It Just Me ... (1)

Locke2005 (849178) | more than 4 years ago | (#32255306)

You're missing the point... if any app can update your privacy setting, it is trivially easy for a trojan such as a game to update your settings as well.

Re:Is It Just Me ... (2, Informative)

0100010001010011 (652467) | more than 4 years ago | (#32255438)

And it couldn't before? Any trojan could go and change your settings for any website that you're currently logged into. It's not like this is something new with facebook.

Heck, the fundamental way they work is the entire idea behind GreaseMonkey & UserScripts (for Chrome/Opera)

Re:Is It Just Me ... (1, Interesting)

Anonymous Coward | more than 4 years ago | (#32255056)

In your rush to get first post, you failed to read the article and have now asked a question that you wouldn't need to ask. Had you spent 30 seconds scanning any one of the links instead of typing your post, you would have saved yourself from looking like an idiot.

Better luck next time.

Re:Is It Just Me ... (2, Funny)

facebook (1249112) | more than 4 years ago | (#32255338)

It's a good idea, just trust me. Most of you dumb fucks already have.

Re:Is It Just Me ... (1)

Hognoxious (631665) | more than 4 years ago | (#32255578)

How much difference does changing the settings actually make? The words "stable", "door" and "bolted" spring to mind.

Open Source Warning (5, Insightful)

AnonymousClown (1788472) | more than 4 years ago | (#32254760)

Before creating a facebook account, please consider this:
  • Facebook must exploit your personal info in order to make the mega bucks that they've grown used to.
  • A Facebook page may make you unemployable.
  • All Facebook privacy safeguards will be circumvented.

Re:Open Source Warning (4, Insightful)

Abstrackt (609015) | more than 4 years ago | (#32254928)

A Facebook page may make you unemployable.

This one thing from an otherwise good post really bugged me. You may make yourself unemployable by posting things you shouldn't in public because despite Facebook's atrocious privacy policy they can only work with data you give them.

Re:Open Source Warning (5, Insightful)

dcmoebius (1527443) | more than 4 years ago | (#32255046)

they can only work with data you give them.

Not true, actually. They can also work with the information your "friends" give them.

Re:Open Source Warning (2, Insightful)

Animaether (411575) | more than 4 years ago | (#32255174)

At which point it doesn't matter whether you, yourself, are on Facebook - as long as that 'friend' puts your name in an entry, you could be flagged in such an internet query. I.e. if you're laying face-down in vomit with a half-empty bottle of Absolut in your hands, it doesn't really matter whether that somebody 'tags' that photo with the 'friend' account 'dcm' or simply jots down 'lol dcm after a FUN night out!'

Re:Open Source Warning (4, Insightful)

icebraining (1313345) | more than 4 years ago | (#32255378)

In fact, it's the reverse: being on Facebook is better because it alerts you when people tag you, so you can ask them to take it down/edit it; if you aren't registered you probably will never know until it bites you.

Re:Open Source Warning (0)

Anonymous Coward | more than 4 years ago | (#32255948)

And if you're registered under a nickname and an obscure email address your employer won't be able to find you, or the photos tagged with your nickname.

It *doesn't* suck you in!! (1)

Torodung (31985) | more than 4 years ago | (#32256134)

Insidious, ain't it? The only way to see if someone's posted Photoshopped naked pics of you in Facebook is to be on Facebook.

I liked Web 1.0 better, where Photoshopping people on nude bodies was only done to celebrities, who had decided to give up all their privacy in their choice of career, for considerable fringe benefits. That or banished to some obscure part of the Internet.

Web 2.0 is all the disadvantage of celebrity, with none of the benefits.

--
Toro

Re:Open Source Warning (3, Insightful)

nacturation (646836) | more than 4 years ago | (#32255144)

A Facebook page may make you unemployable.

This one thing from an otherwise good post really bugged me. You may make yourself unemployable by posting things you shouldn't in public because despite Facebook's atrocious privacy policy they can only work with data you give them.

"Damn Abstrackt, you sure had a fun time with those hookers last night. I can't believe they happened to have marijuana on them... you sure went to town on that bong! [pic attached] I'll be on IRC tomorrow... you've gotta tell me all about that Windows bug you exploited to crack into that .mil site." -- written on your wall

Re:Open Source Warning (1)

John Hasler (414242) | more than 4 years ago | (#32255184)

> You may make yourself unemployable by posting things you shouldn't in
> public because despite Facebook's atrocious privacy policy they can only
> work with data you give them.

I mostly agree. There's nothing wrong with using Facespace or any other free, ad-supported service as long as you understand that anything you put there might become public (or be lost in a crash or be deleted when the service is discontinued). As to their privacy policy, well, hell. They have no contract with you (nor you with them): just some vague non-binding promises. What do you expect for free? Enjoy it while it lasts, but don't rely on it.

Re:Open Source Warning (1)

isilrion (814117) | more than 4 years ago | (#32255230)

[...] because despite Facebook's atrocious privacy policy they can only work with data you give them.

... or that your friends give them. Some of which may not even be your "facebook friends".

Or friends (1)

DrYak (748999) | more than 4 years ago | (#32255248)

You may make yourself unemployable by posting things you shouldn't in public {...} they can only work with data you give them.

Or, some idiot might post un-appropriated stuff about you.
In fact, you don't even *need* to have a facebook account to get embarrassed by people you made the mistake to consider as friends.

Re:Or friends (1)

AnonymousClown (1788472) | more than 4 years ago | (#32255328)

That happened to a friend of mine. She was out with friends and wasn't drinking. Someone passed her shots to pass down the table. Of course, someone was taking pictures and guess what? Yep, the picture of her with the two shots got on her friends Facebook page. She had a Facebook page too which was linked to her friends .... Oy!

I disagree. (3, Informative)

AnonymousClown (1788472) | more than 4 years ago | (#32255262)

Many employers and definitely for security clearances will look at your page and all of your friends. Guilt by association.

See here under "Yes, Facebook can get you fired." [wsj.com]

Mr. Fulmer and his wife made fun of a local church sermon in a podcast they posted online in 2005. Mr. Fulmer says it got so much attention, his boss listened to it, thought it was offensive and fired him.

The thing is, sharing things about yourself can be objectionable to an employer - and you don't know what they could be.

What may be completely harmless or even your God given right to say or do, may make you unhirable for an employer or even fired. Against the law in some cases - prove it. They can always find a legitimate and legal excuse to not hire you or fire you.

The best thing to do is pass on Facebook.

Re:I disagree. (2, Insightful)

BobMcD (601576) | more than 4 years ago | (#32255878)

The article you linked says that 27% of orgs have a policy and that 2% of them have actually fired someone over things like this.

It seems to me having an objectionable Facebook page might be an asset. It would definitely keep you away from employers who do not understand that you're there to earn a paycheck, and then you go home. Now if you're the sort that actually wants to be micromanaged without pay, heed the advice, but for the normal among us, maybe it isn't such a big deal. Take this:

That happened to a friend of mine. She was out with friends and wasn't drinking. Someone passed her shots to pass down the table. Of course, someone was taking pictures and guess what? Yep, the picture of her with the two shots got on her friends Facebook page. She had a Facebook page too which was linked to her friends .... Oy!

Maybe you want to work for an establishment that understand that bars exist and that adults go into them. If you are seeking employment from an organization that would like to see all bars burnt to their foundation, I'd suggest you never even drive past one, let alone go inside.

At which point it doesn't matter whether you, yourself, are on Facebook - as long as that 'friend' puts your name in an entry, you could be flagged in such an internet query. I.e. if you're laying face-down in vomit with a half-empty bottle of Absolut in your hands, it doesn't really matter whether that somebody 'tags' that photo with the 'friend' account 'dcm' or simply jots down 'lol dcm after a FUN night out!'

You'd rather your boss went 'lol' along with the rest of us. Trust me. If they don't understand that adults of a certain age do certain perfectly legal things on their own time then they likewise won't understand when your kids get sick, when you want to vote your conscience, or when you land that really great promotion in another firm and want to say goodbye.

Re:I disagree. (0)

Anonymous Coward | more than 4 years ago | (#32256110)

good post. A minor correction: I don't have any God given rights. I only have rights given by Smith and Wesson.

Re:Open Source Warning (4, Insightful)

Hognoxious (631665) | more than 4 years ago | (#32255712)

You may make yourself unemployable by posting things you shouldn't in public because despite Facebook's atrocious privacy policy they can only work with data you give them.

Gibberish. I could post a picture of two drunken idiots dancing naked in the street on my page - and tag one of them as you.

Re:Open Source Warning (1)

hitmark (640295) | more than 4 years ago | (#32255404)

Facebook must exploit your personal info in order to make the mega bucks that they've grown used to.

maybe grows used to, but that do not mean entitled to. If i grow used to getting $1000000 onto my account each month, and then it stops, am i then entitled to having that start again?

Re:Open Source Warning (0)

Anonymous Coward | more than 4 years ago | (#32255876)

I really don't get this "employers digging through Facebook" stuff... My profile is totally closed to the outside world. All my info is set to "only friends" or just me. I don't even show up in Google or Facebook searches. How on Earth is a prospective employer going to get to my profile? Even if they did, they wouldn't be able to see ANYTHING.

Honestly, explain it to me because I don't get it. If you don't want to be found, you won't be found. Say what you will about Facebook's privacy settings, at least for the time being they allow for that.

Copy (2, Insightful)

mehrotra.akash (1539473) | more than 4 years ago | (#32254774)

What prevents these apps from keeping a copy of the info in their databases before changing the settings?

Re:Copy (2, Informative)

Anonymous Coward | more than 4 years ago | (#32254804)

The fact that they are open source and you can view the code before you run it? If you're not comfortable with it, don't use it.

Re:Copy (2, Insightful)

mehrotra.akash (1539473) | more than 4 years ago | (#32254886)

Considering that many of the people who need to use an app to change their privacy settings and are on facebook will not be able to understand code.
Example: so many people grant full profile access to apps just to view a video(and that app just spams the wall of their friends)

Re:Copy (4, Interesting)

pjfontillas (1743424) | more than 4 years ago | (#32254946)

But with the source code available people who do understand code can analyze the code for just such a thing. We don't need to have everyone understand how the code works we just need some that find any flaws that then help spread the word to everybody else.

Re:Copy (1)

CannonballHead (842625) | more than 4 years ago | (#32255150)

We don't need to have everyone understand how the code works we just need some that find any flaws that then help spread the word to everybody else

There is no guarantee that that has happened, is there? With a small project that apparently has, at this time, one developer? I have not read anyone that has reviewed the current codebase and told me that nothing bad is in there.

Re:Copy (1)

Myopic (18616) | more than 4 years ago | (#32255324)

There doesn't need to be a guarantee. There only needs to be sufficient basis for trust. Your interlocutors are claiming that, for them, there is sufficient basis for trust. You can make your own decision.

Re:Copy (1)

CannonballHead (842625) | more than 4 years ago | (#32255900)

My argument is that the framework is there for trust, but simply being open source doesn't automatically mean it is trustworthy in its current form (i.e., current code).

In other words: it's open for review, but that does not mean that someone has reviewed it.

(that said, I would tend to trust an open-source one more than closed-source with no external review, simply because the open-source one is openly inviting review at any time... if that is your point, then I agree :))

Re:Copy (0)

Anonymous Coward | more than 4 years ago | (#32255332)

or the fact that these "apps" are just some javascript that can be executed on facebook, and have no database whatsoever. You could be afraid that it phones home and sends data to the creator, but if you can't read simple javascript well enough to tell if this is happening, turn in your geek card and get the fuck off this site.

Re:Copy (1)

blueg3 (192743) | more than 4 years ago | (#32255256)

For Reclaim, at least, your data doesn't go through their servers. It's a bookmarklet that causes JavaScript to be executed. The JavaScript file can be downloaded and reviewed, and you could even change the bookmarklet to run your local, reviewed copy instead of the one from their server. It doesn't appear to communicate with anyone but facebook.com.

Are these tools in the article safe? (2, Insightful)

Anonymous Coward | more than 4 years ago | (#32254776)

They run javascript on the facebook page, can they be used to steal my facebook password?

Re:Are these tools in the article safe? (0)

Anonymous Coward | more than 4 years ago | (#32254916)

can they be used to steal my facebook password

Would losing your Facebook account be such a bad thing?

Re:Are these tools in the article safe? (0)

Anonymous Coward | more than 4 years ago | (#32255162)

Not if you are already logged in before you run them.

Other websites knowing your facebook account (1)

HockeyPuck (141947) | more than 4 years ago | (#32254780)

I've noticed recently that many non-facebook accounts (cnnmoney.com for example) know about my facebook account. Usually I see a link/graphic at the bottom of the page that says "click to 'like' this" or something similar.

Anybody know how to keep these third party sites from knowing about your facebook account?

Re:Other websites knowing your facebook account (4, Informative)

mehrotra.akash (1539473) | more than 4 years ago | (#32254826)

Account->privacy settings->Apps and websites Disable "Instant Personalization Pilot Program"

Re:Other websites knowing your facebook account (5, Informative)

TimmyDee (713324) | more than 4 years ago | (#32254974)

I wish it were that easy. I have the "Instant Personalization Pilot Program" disabled on my account, but FB Connect popped up on CNN Money this morning.

What did I do? I specifically blocked any URL containing "fbconnect". Problem solved. OmniWeb let me do this using RegEx, but I'm sure the same can be done with AdBlock.

Re:Other websites knowing your facebook account (2, Informative)

mehrotra.akash (1539473) | more than 4 years ago | (#32255088)

My mistake, that is only for 2-3 sites that use your FB id to store profile settings

However, the other sites seem to be taking the data with explicit permission from FB. See http://www.microsoftteched.in/ [microsoftteched.in]
On the bottom right there is a FB app click on the privacy button in it, there is a 4-5 page long document, but since it is on facebook.com, I assume that it is only for selected partners, so it should be as safe as your data is on FB itself

Re:Other websites knowing your facebook account (1)

mcb (5109) | more than 4 years ago | (#32255988)

The CNN issue really bothered me. From my research, you can also prevent it by disabling third party cookies.

In Firefox it's in Tools->Options->Privacy->Use custom Settings for history

Re:Other websites knowing your facebook account (1)

Fnkmaster (89084) | more than 4 years ago | (#32255130)

Here [slashdot.org] is a very helpful post from a few weeks back. Easy enough to set up Adblock to block all that stuff out.

Alternatively, if you log out of Facebook after use, most of this stuff doesn't show up. However, that doesn't block all the Facebook content on third party websites according to some.

The Adblock solution seems to be 100% effective for me.

Re:Other websites knowing your facebook account (2, Informative)

Locklin (1074657) | more than 4 years ago | (#32255824)

For privoxy, I added the following to my user.action file:

{ +block{Facebook privacy invasions} }
http://api.facebook.com/restserver.php
http://www.facebook.com/connect.php/js/FB.SharePro/
http://www.facebook.com/ajax/connect/
http://www.facebook.com/plugins/
http://www.facebook.com/connect/
http://connect.facebook.net/

and saved.

Re:Other websites knowing your facebook account (0)

Anonymous Coward | more than 4 years ago | (#32255290)

People just aren't paranoid enough. I normally use Safari for day-to-day use, but for Facebook I setup up Firefox with a separate profile just for Facebook. That profile has every anti-facebook extension I could find installed. I use Facebook, but it's locked in a sandbox with a steel cage around it.

Re:Other websites knowing your facebook account (1, Informative)

Anonymous Coward | more than 4 years ago | (#32255752)

Yep, easily done with AdBlock here's the filter: http://dev.mathiasbaert.be/misc/facebook-connect-opt-out.html [mathiasbaert.be]
it will block facebook.com, fbcdn.net and facebook.net on third party sites

Re:Other websites knowing your facebook account (1)

HockeyPuck (141947) | more than 4 years ago | (#32255006)

I've always had that disabled, but it still shows up on cnnmoney.

Re:Other websites knowing your facebook account (2, Funny)

Anonymous Coward | more than 4 years ago | (#32254870)

You should sprinkle a lot of obscenities, pornographic pictures, and the most distastful things that you can find on your facebook pages. It will insure that other sites cannot use your information without losing their "safe for work" designations.

Re:Other websites knowing your facebook account (0)

Anonymous Coward | more than 4 years ago | (#32256150)

It will also insure that your facebook account loses it's "allowed to remain on facebook" designation.

DO NOT use UNTANGLE.com (0)

Anonymous Coward | more than 4 years ago | (#32254792)

I tried it, and without asking, Untangle.com reset all my privacy settings!!! This is unacceptable as I had painstakingly customized it to better settings than default.

Use reclaimprivacy.org looked much better - it simply listed what is wrong with my account.

Re:DO NOT use UNTANGLE.com (3, Informative)

iamhigh (1252742) | more than 4 years ago | (#32254850)

RTFM you moron. It plainly states on the download page that it resets all your settings to friends only.

Re:DO NOT use UNTANGLE.com (1)

jonpublic (676412) | more than 4 years ago | (#32255646)

This is slashdot. People never RTFM.

And now for something completely different! (2, Funny)

Anonymous Coward | more than 4 years ago | (#32254878)

And that, my liege, is how we know the Web to be banana-shaped.

This new learning amazes me, Sir Zuckerberg. Explain again how a series of tubes may be employed to eliminate privacy.

Oh, certainly, sir.

Look, my liege!

[trumpets]

Facebook!
Facebook!
Facebook!

It's only a website.

Shhh!

Friends, I bid you welcome to your new home. Let us ride... to Facebook.

[singing]

We're Friends of the round table
We Poke when e're we're able
We do Farmville and play Mob Wars
With mousework impecc-able
We lurk around on Facebook
We tag and quiz our friends a lot!

[dancing]

We're Friends of the round table
Our Likes are for-mid-able
Though many times we're given gifts
That are fake and unuse-able
We're news-feed mad on Facebook
We check from mobile phones a lot!

[tap-dancing]

Oh, our Walls we cradle
Quite indefatigable
Between our posts we friend request
And pad our list where able
It's a busy life on Facebook
I have to push the 'Hide' a lot!

[outdoors]

Well, on second thought, let's not go to Facebook -- it is a silly place.

Right.
Right.

And now for something completely different!

Zuck: Yeah so if you ever need info about anyone at Harvard
Zuck: Just ask.
Zuck: I have over 4,000 emails, pictures, addresses, SNS
[Redacted]: What? How'd you manage that one?
Zuck: People just submitted it.
Zuck: I don't know why.
Zuck: They "trust me"
Zuck: Dumb f***s.

Re:And now for something completely different! (1)

Culture20 (968837) | more than 4 years ago | (#32255956)

Zuck: Yeah so if you ever need info about anyone at Harvard
Zuck: Just ask.
Zuck: I have over 4,000 emails, pictures, addresses, SNS
[Redacted]: What? How'd you manage that one?
Zuck: People just submitted it.
Zuck: I don't know why.
Zuck: They "trust me"
Zuck: Dumb f***s.

I usually mask out dirty words too, but if you're quoting someone directly, and are doing so to make a point, altering their words doesn't help.
Zuckerberg, in that last exchange, called all Harvard Facebook patrons...

Dumb fucks.

FACEBOOKS knews to MUACH! (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#32254884)

I got a phone call this morning and as soon as I picked up the receiver a man said, "There is a fly in the ointment, I repeat there is a fly in the ointment!"

I recognized that voice immediately so I said, "I know that's you and why are you calling my house Obama, have you lost your damn mind you crazy bastard!"

Then Obama mumbled a quick, "sorry that call was supposed to go to the CIA" or some such shit like that and got nervous and hung up the phone real quick.

Well it didn't take me but four or six hours to put two and two together and now im pretty sure the entire weight of the federal government is about to come down hard on my ass!!

Im considering bugging out right after I finish this pitcher of mimosas.

Re:FACEBOOKS knews to MUACH! (0)

Anonymous Coward | more than 4 years ago | (#32254970)

MOD +5 INSPIRING

Looking forward (4, Insightful)

Spad (470073) | more than 4 years ago | (#32254922)

Cue an endless series of phishing sites: "Did you know that anyone on the internet can see things you post on your Facebook page? Just type in your username and password and we'll scan your profile to see if it's secure..."

It's really not that difficult. (4, Interesting)

UncHellMatt (790153) | more than 4 years ago | (#32254940)

I work in IT for a small police department, and recently have begun doing presentations for parents on Facebook and general online privacy, what steps can be taken and how to watch out for warning signs of problems. I'd say at least half the parents I talk to are completely unaware of what information is freely available online about their kids, if allowed to use such a site, or how much information their kids are making available online.

It only takes about 20 minutes to educate a neophyte, if they're willing to learn, how to lock down privacy on Facebook.... He said with a pained expression. One thing which never ceases to boggle my mind is the number of parents (and people in general) who really don't understand and don't CARE what information is out there, or what it can mean. ID theft, home intrusion, stalking, all that pretty much is "someone else's problem", producing enough SEP power to cloak an average sized nation.

While products like this are certainly useful, the bigger issue is education. If you're aware of the changes to FB and the like, setting security takes all of a minute. If you're unaware and someone tells you, and if you're not particularly inclined toward looking over security settings, it might take someone 10-20 minutes to go over them with you. If you just plain don't care, no amount of open or closed source software is going to make any difference whatsoever.

Offtopic (1)

mehrotra.akash (1539473) | more than 4 years ago | (#32255008)

What is SEP Power?

Re:Offtopic (0)

Anonymous Coward | more than 4 years ago | (#32255132)

"Someone Else's Problem"

Re:Offtopic (0)

Anonymous Coward | more than 4 years ago | (#32255596)

Read Hitch Hikers Guide to the Galaxy series. I think its in book 2 or 3. Someone Else's Problem fields are quite powerful.

Re:Offtopic (0)

Anonymous Coward | more than 4 years ago | (#32255818)

Clearly, you've never read any hitchhiker's guide books.

Re:Offtopic (0, Flamebait)

Hognoxious (631665) | more than 4 years ago | (#32255916)

What is SEP Power?

It's where instead of scanning backwards through the post for the enormous distance of five whole words - until you find three consecutive words beginning with the letters "s", "e", and "p" (in that order and in quotes) - a dumb fucking Indian generates a DFI field by asking a stupid question.

Re:It's really not that difficult. (1)

gbrayut (715117) | more than 4 years ago | (#32255574)

You should record the presentations and put them up on youtube...

Re:It's really not that difficult. (1)

Hognoxious (631665) | more than 4 years ago | (#32255784)

It only takes about 20 minutes to educate a neophyte, if they're willing to learn

Ummm, stop. I see the problem, right there.

Re:It's really not that difficult. (1)

Mashiki (184564) | more than 4 years ago | (#32256018)

We do something similar via the RCMP and MP's from the military and RAD [rcmp-grc.gc.ca] here in Canada, but it's aimed for kids and takes 7mins. If you're interested look up, but 20mins is far too long. If you can do it in under 10 and make it easy enough a grade schooler can figure it out then you're all set.

Facebook is a Gossip (1)

ObsessiveMathsFreak (773371) | more than 4 years ago | (#32255012)

Facebook is the world's worst gossip. You tell them anything, they will tell it to every one of your friends, their friends (marketers), and probably anyone else who so much as passes by.

All these tools essentially do is add a "and please don't tell anyone" onto your data entries. The real solution is not to tell the gossip anything in the first place.

Re:Facebook is a Gossip (1)

commodore64_love (1445365) | more than 4 years ago | (#32255114)

That's why most of my facebook is blank. I listed my High School and College so I could reconnect with friends, and that's it. And from time to time I go through my profile and delete 90% of my older, obsolete postings.

Re:Facebook is a Gossip (0)

Anonymous Coward | more than 4 years ago | (#32255340)

Friends are still a vector though, they can post and tag images of you doing crazy things, talk about you on your wall, etc...

Re:Facebook is a Gossip (0)

Anonymous Coward | more than 4 years ago | (#32255418)

I keep a minimalist profile, but I enjoy having relevant ads on Facebook. Very few sites offer this sort of personalized advertising.

Re:Facebook is a Gossip (1)

CannonballHead (842625) | more than 4 years ago | (#32255188)

The real solution is not to tell the gossip anything in the first place.

Pft. You and your common sense may go elsewhere. What I want is to be able to tell anyone I want anything AND force them to be quiet and not tell others! ...

Seriously though, you're right - but it seems that most people would rather gossip and take the risk than have to live without. And only when they "get burned" do people suddenly find out that their privacy is important, perhaps more important than the gossip-entertainment. And Farmville.

Re:Facebook is a Gossip (1)

Myopic (18616) | more than 4 years ago | (#32255414)

That sounds like the market (the privacy market) at work. Some people take too much risk and get burned; some take not enough, and lose out on certain benefits.

Please note that I am not a market ideologue, I just wanted to comment on how this instance seems to be working out.

Re:Facebook is a Gossip (1)

CannonballHead (842625) | more than 4 years ago | (#32255928)

Hum. That's a good point, I hadn't thought of it that way before.

In general, I don't think FB is doing anything wrong necessarily. I don't know all of what their doing, of course. And, in general, privacy settings are your own things to choose, and you agree to various terms. Everyone just checks the I Accept box, clicks submit, and then complains when something they accepted happens :)

Anyways. Interesting thought about the "privacy market."

Warning about SaveFace (2, Informative)

Anonymous Coward | more than 4 years ago | (#32255086)

SaveFace automatically goes through and sets your privacy to "Only Friends" for everything. This may undo certain privacy measures you've already taken. For example, I set up a Limited Profile friend list for people who don't need to have access to my e-mail addresses, screen names, etc and blocked those items for them. SaveFace went through and removed those restrictions, so any of my friends could see my e-mail addresses, screen names, phone number, etc.

This tool would work fine if everyone on your friends list are actually friends who you'd like to share all of this with. On the other hand, all those folks from high school I added don't need to be able to IM me, call/text me, or use my e-mail address for anything.

Third Option (2, Insightful)

WarpedCore (1255156) | more than 4 years ago | (#32255102)

Re:Third Option (0)

Anonymous Coward | more than 4 years ago | (#32255870)

Thanks. I just deleted my account.

Is it really that hard? (1)

Bambi Dee (611786) | more than 4 years ago | (#32255118)

Is it really so hard to simply go through Facebook's privacy settings yourself and consciously set them to whatever you want (as far as that's possible)? Same with all these warnings people pass around through status updates. I keep seeing suggestions to the effect of "click this, then that, then that, then 'wet your pants in public', then 'no'" only to find that I've already done that anyway. If you're really concerned about your Facebook privacy, what's been keeping you from checking out the relevant options yourself? They're not hidden, they're just... many. Or is there something that external "helpers" can do that you can't do yourself?

Re:Is it really that hard? (2, Insightful)

Todd Knarr (15451) | more than 4 years ago | (#32255206)

It's not hard, just involved and convoluted. Facebook's settings are many, and some of them aren't in the obvious places. These tools make it easy to do what's time-consuming to do by hand.

Re:Is it really that hard? (1)

Bambi Dee (611786) | more than 4 years ago | (#32255270)

I see your point. I think I'd just start worrying about my grasp of the tools' "reach" and trustworthiness in addition to worrying about Facebook's admittedly huge "options hierarchy".

Re:Is it really that hard? (1)

Aladrin (926209) | more than 4 years ago | (#32255304)

When they change every month and you have no idea what changed? Yes, it's really that hard.

I was 99% sure I was covered before I ran ReclaimPrivacy the other day. It found 3 sections that had data that was more open than I intended.

Re:Is it really that hard? (1)

Bambi Dee (611786) | more than 4 years ago | (#32255456)

It came up all "good" for me. But I "shared" it nonetheless.

Re:Is it really that hard? (2, Informative)

JustinOpinion (1246824) | more than 4 years ago | (#32255434)

Is it really so hard to simply go through Facebook's privacy settings yourself and consciously set them to whatever you want (as far as that's possible)?

Yes, it really is "so hard". Intentionally so. Take a look at this NY Times graphic [nytimes.com] showing all the privacy settings options that exist throughout a Facebook profile. (Or, at least, the options the NY Times was able to find.) You can see that the options behave in inconsistent ways. You can set "maximum privacy" on one page without realizing that an option at a different level over-rides this (e.g. third-party ads may still have access).

To really insure maximum privacy, you not only have to navigate this maze of options (the NY Times graphic helps to make sure you've nailed them all), but you have to repeatedly re-check your settings since Facebook can (and does) change the settings interface (and thus the default settings) from time to time. So a previously "highly private" profile can have information leak unless you are actively checking whenever there are changes.

As I said before, this is probably intentional. Facebook would prefer to have more access to data and more ability to redistribute personal data for profit. So it is to their advantage if people don't have maximally-private settings. A plugin that actually produces a clean, sane, and useful privacy settings interface can thus make it much easier to control those settings. It also points out just had bad Facebook's settings and customization pages really are: you need third-party apps and newspaper flow-charts to make sense of them.

Re:Is it really that hard? (1)

Bambi Dee (611786) | more than 4 years ago | (#32255558)

On the one hand, I do think it's good that people in general are becoming more aware of privacy issues, and this article is a symptom of that.

On the other hand, I wonder if external tools aren't just catering to or perpetuating a sense of helplessness in the face of Facebook's (certainly convoluted) settings: "Oh, you can't trust yourself to understand how to do it right, you need this third-party utility to be safe."

But I guess I'm not really trying to make sense of the settings either. I just go through them one by one.

Application Boundary Enforcer (4, Informative)

johndoe42 (179131) | more than 4 years ago | (#32255482)

Even if you turn off instant personalization, facebook still knows every time you visit one of those partner sites. But NoScript (I leave scripts enabled globally) has a cute feature called Application Boundary Enforcer. Here's (some of) my config:

Site .facebook.com
Accept from .facebook.com
Deny

Site .fbcdn.net
Accept from .facebook.com
Accept from .fbcdn.net
Deny

Enjoy!

Re:Application Boundary Enforcer (1)

uniquegeek (981813) | more than 4 years ago | (#32255922)

thanks; I hadn't poked in there for a while, and had forgotten about it
(mod parent up)

SaveFace warning (2)

Rune64 (1594893) | more than 4 years ago | (#32255586)

Using the ReclaimPrivacy page worked great, made appropriate suggestions and allowed me to one-click fix select privacy settings. After running my profile through the SaveFace tool, however, it actually loosened my privacy settings automatically (changed some things which were set as "Only Me" to "Friends Only"), and did so without allowing me to interact and with no prompt telling me what it was doing in advance, with no way to stop it.

Ran into an issue with Reclaim... (1)

BLKMGK (34057) | more than 4 years ago | (#32255744)

It doesn't finish the scan for some reason - hangs on "scanning". Might be just me, might be FireFox which is damned goofy and crashes often for me, or it may be Fluff Busting Purity (which kills the animal and Mafia postings etc. via Greasemonkey). Other than it hanging on those two things it does look to be the better tool in that it examines settings and warns vs setting them to whatever the other tool thought was most appropriate when it was written.

A very nice concept though!

All I see is JavaScript? (1)

Eggbloke (1698408) | more than 4 years ago | (#32255766)

All I see is the JavaScript when I click on the bookmark. (Ubuntu 10.04, Firefox) Help?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?