Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Facebook Implements 'Download Your Profile' Option

CmdrTaco posted more than 3 years ago | from the just-want-a-damn-rss-feed dept.

Social Networks 114

eldavojohn writes "Facebook is rolling out some new changes (including groups) that are supposed to liberate user control. But something that might interest Slashdot readers even more is that they now allow you to download all your information from Facebook. That's everything — all your posts, pictures, videos, friend lists, etc. A video from David of the Open Source team at Facebook explains how it will work, although I don't see that option on my profile yet (they are slowly rolling it out). There's not a lot of details yet, but they at least require you to click a link from an e-mail and reenter your password to get this (to avoid spambots harvesting everyone's data and careless use of public computers resulting in data leaks). Perhaps competitors like Diaspora would be interested in using this base information to germinate user seeds?"

cancel ×

114 comments

Sorry! There are no comments related to the filter you selected.

loil (-1, Offtopic)

Anonymous Coward | more than 3 years ago | (#33823544)

NAGGERS FIRST POST

A nice gesture of openness (1, Insightful)

Anonymous Coward | more than 3 years ago | (#33823562)

Well this certainly makes it much more easier to move your nonsense-data around, but how long untill all the data is available on piratebay?

Re:A nice gesture of openness (2, Interesting)

Pojut (1027544) | more than 3 years ago | (#33823610)

Unless your account (or their servers) get hacked, it would only show up if you put it on there yourself...

Aside from being able to back up everything, it would be interesting to do this and read some early correspondence on the service.

Re:A nice gesture of openness (2, Insightful)

NeverVotedBush (1041088) | more than 3 years ago | (#33823944)

Facebook sending users an e-mail with a link to click on just invites spam and fake websites to harvest user's logins and passwords.

Nice move on Facebook's part to help train their users to click on links in e-mails that take them to websites to enter authentication credentials.

Re:A nice gesture of openness (4, Insightful)

sinclair44 (728189) | more than 3 years ago | (#33824058)

I love how people used to bitch that you couldn't get your data off of Facebook (which wasn't even completely true, given Platform and Connect), but now that they added that exact feature, people are bitching that it will allow spammers to get information or that it trains users in some bad way. Can you give them a fucking break? They are honestly trying to add a feature exactly for the demographic here (most users probably don't care about this level of data portability one bit) and all most people can do is still complain.

Re:A nice gesture of openness (5, Insightful)

NeverVotedBush (1041088) | more than 3 years ago | (#33824122)

Dude, it is one of the basic tenets in computer security to not click on links in e-mails that take you to websites where you enter login credentials.

Those kinds of e-mails are known as phishing and spear phishing attacks. They are very common and very dangerous.

Facebook has had no end of security problems. Now with the publicity that they will be sending out e-mails that have a link, wait a few days and see what hits in computer security news.

Re:A nice gesture of openness (1)

The Clockwork Troll (655321) | more than 3 years ago | (#33824364)

They would only send these e-mails if you, as an authenticated facebook user, clicked the "Download my account" link.

So an adversary would have to time extremely well the sending of the spam link in order for the user not to be suspicious.

Even then, if facebook wanted to further deter account download masquerade phishing, they could prompt for some kind of comment at the point of requesting an account download, which they could recapitulate in the e-mail to show the request was legitimate and came from you.

Dude.

Re:A nice gesture of openness (2, Insightful)

stephathome (1862868) | more than 3 years ago | (#33825218)

You have a lot of faith in users. I know too many people who wouldn't realize that the link is only sent on request and think it sounds interesting to download their account.

Re:A nice gesture of openness (1)

iluvcapra (782887) | more than 3 years ago | (#33828684)

I don't see how facebook could prevent this sort of attack by any means...

Re:A nice gesture of openness (3, Insightful)

yabos (719499) | more than 3 years ago | (#33826144)

If everyone knew what they're doing then that'd be fine but the average user is an idiot. They will click an email link supposedly from their bank warning them that there's a problem with their account. Then they will enter all the account login information. If people do this with bank info, they're going to do it with facebook info as well. This happens all the time.

Re:A nice gesture of openness (3, Informative)

LateArthurDent (1403947) | more than 3 years ago | (#33824806)

Dude, it is one of the basic tenets in computer security to not click on links in e-mails that take you to websites where you enter login credentials.

Those kinds of e-mails are known as phishing and spear phishing attacks. They are very common and very dangerous.

Facebook has had no end of security problems. Now with the publicity that they will be sending out e-mails that have a link, wait a few days and see what hits in computer security news.

If you're going to train people to be security conscious, you can't half-ass it. "Don't click on e-mails that take you to websites where you enter login credentials" is most definitely the wrong message. Just because there are lots of phishing e-mails doesn't mean that every such e-mail is phishing, and it actually trains people to start drawing invalid conclusions: "well, this link didn't come by e-mail, so it's ok." Phishing websites can just as easily lead you to a malicious page where you enter your credentials.

What you actually need to be teaching people is to go to the link from the e-mail, grab the ssl certificate and check the the company name, the verifying authority, and the fingerprint. The independently go to the main website where the e-mail claims to be from, in this case Facebook, and see if the signature matches. If it does, you can type in your credentials. There is no half-assing this procedure. Anything short of it is vulnerable to the attacks you are so concerned about.

Re:A nice gesture of openness (1)

insufflate10mg (1711356) | more than 3 years ago | (#33825648)

Thanks for making me chuckle this afternoon.

Re:A nice gesture of openness (0)

Anonymous Coward | more than 3 years ago | (#33826548)

What you actually need to be teaching people is to go to the link from the e-mail, grab the ssl certificate and check the the company name, the verifying authority, and the fingerprint. The independently go to the main website where the e-mail claims to be from, in this case Facebook, and see if the signature matches. If it does, you can type in your credentials. There is no half-assing this procedure. Anything short of it is vulnerable to the attacks you are so concerned about.

lolz! Are you fucking serious? Do you realize how out of touch this is? I suppose you also feel that anyone incapable or unwilling to learn this is an idiot and should be banned from the internet. Is that an incorrect assumption on my part? Do you also think people should have a license to use the internet that is similar to a driver's license?

I know you don't agree, but the rest of the internet world (outside of slashdot) does: It's up to the mail hosts that do the spam, virus, etc. filtering to filter out phishing emails. It's up to the web browsers and their content checks (the things you disable, but the rest of the world leaves enabled) to warn them about blacklisted phishing sites. The very last and most unreliable line of defense is the education of users.

Re:A nice gesture of openness (1)

clone53421 (1310749) | more than 3 years ago | (#33827054)

Whoosh.

All that and it didn’t even occur to you to point out how much easier it’d be to just double check to make sure the domain name in the URL in the address bar was correct; barring the possibility of DNS poisoning it’d be just as safe...

Re:A nice gesture of openness (2, Insightful)

kevinNCSU (1531307) | more than 3 years ago | (#33824992)

Your doing it wrong. Or at least applying it wrong. In your want to find something incorrect with Facebook you're ignoring the fact that sending an email to the user to confirm they are who they say they are before they are allowed to do things like change their password or download all their data is a tenet of website security in and of itself. These emails are always accompanied by the message "If you did not request this change/email then disregard this message and contact our fraud/tech/blah department". It would be neigh impossible for a spammer to somehow manage to send such a spam email that would show up next to the real one the very instant the user requested the feature that told them they will receive this email. .

Re:A nice gesture of openness (-1, Flamebait)

Anonymous Coward | more than 3 years ago | (#33825582)

"Spear phishing"? Seriously?

I f'ing hate it when people try to coin new phrases where we don't need them. It's just "phishing".

Re:A nice gesture of openness (2, Interesting)

DarthBobo (152187) | more than 3 years ago | (#33827820)

Spear phishing is phishing targeted at a single individual. Since its in Wikipedia and all over the Interwebs and all those black hatted types talk about I'm guessing the poster didn't make it up. Then again maybe he is one of those black hatty, Wikipedia writing trolls making s***t up in a conspiratorial way. You never know ...

Re:A nice gesture of openness (1)

GrumblyStuff (870046) | more than 3 years ago | (#33824214)

I'll give them a break when they stop reseting options with new privacy policies or ToS that lowers the ability for users to lock down their accounts and defaults all options to the most open setting.

I'll give them a break when their account deletion process no longer requires users themselves to manually go through and delete everything they put on the website.

Given FB's history, a move like this makes me wonder what detrimental change they're also doing. I'm guessing the reseting of privacy options.

Re:A nice gesture of openness (1, Insightful)

Anonymous Coward | more than 3 years ago | (#33824408)

I'll give them a break when their account deletion process no longer requires users themselves to manually go through and delete everything they put on the website.

I was speaking with a bar tender in the airport the other week.

He said he'd discovered what happens if he googles himself ... he gets loads of links into Facebook that he and others have put up, and that he had assumed was private.

He subsequently went through and deleted everything and filled in the profile with garbage information.

When a bartender starts figuring out that Facebook has shitty privacy, it should be pretty obvious to everyone. (No offense to bartenders, they're not stupid people, just not who you think to go to for tech opinions.)

Sending it to you in an email link is just another in a long series of ways in which Facebook has never been a place you should trust. Hell, my mother (a senior citizen) has figured out not to trust Facebook.

Re:A nice gesture of openness (3, Informative)

sinclair44 (728189) | more than 3 years ago | (#33824448)

I'll give them a break when they stop reseting options with new privacy policies or ToS that lowers the ability for users to lock down their accounts and defaults all options to the most open setting.

Over the summer, they added a "master control" which you can set to "friends only" (or several other settings). This will make all of your current settings "friends only" and will also make any future setting default to "friends only".

I'll give them a break when their account deletion process no longer requires users themselves to manually go through and delete everything they put on the website.

I don't believe this has been true for a while: https://ssl.facebook.com/help/contact.php?show_form=delete_account [facebook.com]

Re:A nice gesture of openness (1)

GrumblyStuff (870046) | more than 3 years ago | (#33824962)

Wait, you mean people have only been reporting negative things about FB and largely left out anything positive that they have done?

Alright, well... there go my arguments. *Tips hat*

Re:A nice gesture of openness (1)

T-Bone-T (1048702) | more than 3 years ago | (#33828508)

I deleted an account a few months ago and when I recently accidentally logged in to it, Facebook welcomed me back and all the info I had in my profile was still there. When I ask to delete my account, I mean everything.

Re:A nice gesture of openness (1)

Painted (1343347) | more than 3 years ago | (#33824724)

...maybe they're different people? :-/

Re:A nice gesture of openness (1)

pcolaman (1208838) | more than 3 years ago | (#33825496)

Every heard of phishing, bro? This is the most common tactic used by phishers to gain info to stuff like bank account or website login info. Bad idea by Facebook in terms of the implementation, not necessarily the concept.

Re:A nice gesture of openness (1)

pcolaman (1208838) | more than 3 years ago | (#33825550)

Ever, not every. Need to increase (or drastically decrease) the coffee intake.

Re:A nice gesture of openness (1)

insufflate10mg (1711356) | more than 3 years ago | (#33825606)

I'm very happy about this update. I've been wondering if I ever wrote anything questionable on my Facebook profile; once this feature is offered to me, I will download everything and scan through it.

Re:A nice gesture of openness (1)

yabos (719499) | more than 3 years ago | (#33826124)

It wouldn't be that hard to do it within the website without this email loop which is dangerous. Just require the user to re-enter their login credentials in the download my profile section of the website. You will already know if you're on facebook's website at that point.

Re:A nice gesture of openness (1)

maxwell demon (590494) | more than 3 years ago | (#33827200)

Well, the idea is probably to use the email as additional security so that even if someone has your password, he cannot use this function, because you get a mail.

However, they could just send an unique code which you have to enter at the facebook get-data page, without a link. You already navigated to that page (otherwise you'd not have gotten that mail), and if you closed it in the mean time, you know how to get back there (after all, you found it once; and if you fear to forget how to get there, just bookmark it).

Re:A nice gesture of openness (3, Insightful)

multisync (218450) | more than 3 years ago | (#33824090)

I would think the email with the link would be sent to the user in repsonse to a request of some sort. You know, you request your data, they email you a link to get it ...

Have you never forgotten the password you use for an infrequently-visted site and had them email you a temporary one? This sounds like the same thing.

Re:A nice gesture of openness (1)

NeverVotedBush (1041088) | more than 3 years ago | (#33824228)

That kind of approach is fine. And yes, I have done the e-mail thing to recover or reset a password.

It also seems you are right - the user requests the download and then Facebook e-mails a link. It's not in the Computerworld story but is in the YouTube link to an explanation.

To Reiterate! (4, Informative)

eldavojohn (898314) | more than 3 years ago | (#33824034)

Unless your account (or their servers) get hacked ...

If your account gets hacked, they still need to have your e-mail hacked. The link to download the zip file is later sent to your e-mail address when the processing is done. Zipping up videos and images takes a while so basically you request this data and they put it in a queue and an hour/day/week/month later you get your data to download e-mailed to you in a link and you re-enter your user password. I thought I described this in my summary but that means that even if your account is hacked they would need access to your e-mail and for quite sometime unless you had already requested it and left that e-mail in your account. Yes, this means that if they know the e-mail associated with your Facebook account, they can just hack that and then request a new Facebook password sent to that account and then initiate the profile zipping.

Let's say their servers get hacked. Well, the data is still not zipped up unless they are retaining that data after someone requests it. So at most they'll have access to whoever is waiting to retrieve their data. And it's going to be a lot of data. So there are a lot of logistics involved to get access to only a few random person's data. And even if the hackers are smart enough to invoke the zip script for every single account, that's not something that will happen overnight.

Basically if they have access to your account or the Facebook servers, they already have access to everything on your profile or Facebook as a whole (respectively). So while this presents mild security issues, it's already assuming that everything is compromised ... it just presents the possibility that a hacker could more easily zip up your data ... and then that requires time ... and access to another resource of yours. For me, this risk is acceptable consider the benefit involved. As I mentioned, I suspect this will allow you to move the history of your profile to another site, which is really really good.

Re:To Reiterate! (2, Insightful)

bsDaemon (87307) | more than 3 years ago | (#33824176)

To be fair, we are probably talking about people who use the same password for everything.

So What Is the Real Issue? (1)

eldavojohn (898314) | more than 3 years ago | (#33824720)

To be fair, we are probably talking about people who use the same password for everything.

Well then in your suggested case, to be fair, where is the real security issue? Is it Facebook or is it the user?

The best and most flawless computer security systems will always have a human being as a security hole. The best 'hackers' reported in the news these days are those that use social hacks like sweet talking and shoulder surfing to gain access to very secure systems.

I wouldn't go around faulting Facebook for catering to the lowest common denominator. Their security measures are okay. They probably could be better but, hey, it's a mostly free service.

Re:So What Is the Real Issue? (1)

bsDaemon (87307) | more than 3 years ago | (#33825118)

Well, I was mostly addressing the fact that if someone was able to "hack" a facebook account, there is a high probability that the account password will match the email account that is associated with the facebook account.

It's the users' fault for re-using passwords which aren't that great, and its the users' fault for posting all their personal data on facebook, too. So, yeah, its the users' fault. It usually is.

Re:To Reiterate! (1)

Gilmoure (18428) | more than 3 years ago | (#33825140)

Hey, 1, 2, 3, 4, 5 is easy to remember.

Re:To Reiterate! (2, Funny)

maxwell demon (590494) | more than 3 years ago | (#33827234)

Hey, 1, 2, 3, 4, 5 is easy to remember.

Yeah, but it's very insecure, because everyone knows that sequence. That's why I use 5, 4, 3, 2, 1 instead.

Re:To Reiterate! (2, Insightful)

rthille (8526) | more than 3 years ago | (#33824334)

If I hack your FB account, can't I change the email associated with it?

Yeah But You Get a Notification with Revert Option (3, Insightful)

eldavojohn (898314) | more than 3 years ago | (#33824660)

If I hack your FB account, can't I change the email associated with it?

Yes, but the original e-mail address associated with your account gets e-mailed a notification allowing that to be blocked and if you do block it you have to change your password:

Hey XXXXX,

We've received your request to associate your account with the email address
malicious@hotmail.com.

An email was sent to malicious@hotmail.com to confirm the request and account
ownership. To confirm that email address, just click on the confirmation link
in the email sent to malicious@hotmail.com.

However, if that address is not familiar or you did not request to change your
contact email, please follow this link to cancel the request:
http://www.facebook.com/cancel_contact.php?t=XXXXX&u=XXXXX...
(If clicking on the link doesn't work, try copying and pasting it into your
browser.)

If you cancel the contact email change request, your account will remain with
your current email (goodguys@umn.edu) and you will be asked to reset your
password as a security precaution.

Thanks,
The Facebook Team

Now, you'd probably prefer that the original e-mail address has to okay the transition but that's how they have it implemented. So you're right, they could change the account associated with it if they know your Facebook password (it asks you at every step of the way). Then they could request the zip and wait to get the e-mail. But if you checked your e-mail in that time and canceled the new e-mail and changed your password you'd be safe.

That's definitely something they could do -- block the request of a new e-mail until an old one is okayed. But then you run into the trouble of someone hacking your e-mail account and gaining access to your Facebook account that way. In that case, they could change your Facebook account over to their e-mail account and then okay it in your hacked e-mail account. Once that's done, how would you reclaim your profile? They would always have the account associated with it.

Also if your old e-mail gets hacked and you have no way of getting it back, you're kind of at the mercy of the person who has your old e-mail as you'll never be able to change the e-mail address associated with your Facebook status and if you do, you'll tip them off that they also have your Facebook account to do with as they please.

What it usually boils down to is if your account is compromised, your account is compromised.

Re:To Reiterate! (1)

kevinNCSU (1531307) | more than 3 years ago | (#33825052)

Welcome to 1995, where websites with user accounts email the user before they allow a change of email to prevent account stealing. It's a brave new world of distrust.

Re:To Reiterate! (1)

rthille (8526) | more than 3 years ago | (#33827728)

Even now, (not sure about FB), some sites realize that you may not have access to your old email account. A DoS to the old FB email (send a bunch of spammy, mostly legitimate looking 'someone hacked your FB account' emails, but with .ru links), will get most people to ignore the 'real' one, preventing them from noticing the change of email on their account.

Re:To Reiterate! (1)

zzsmirkzz (974536) | more than 3 years ago | (#33826578)

My thoughts on this are: ::don tin-foil hait::

They implemented this code/functionality so that when requested they have an automated way to provide the entire details an interested parties account to whatever law enforcement agency requested it. In a grand PR scheme, they figured that it would eventually be leaked this functionality exists, so they present it as a feature to users who then get used to the idea of it being possible. So finally, later on, when it is discovered that they send those pretty profile-encompassing zip files to law enforcement its not completely new.

Re:A nice gesture of openness (1)

Jugalator (259273) | more than 3 years ago | (#33823666)

Well this certainly makes it much more easier to move your nonsense-data around, but how long untill all the data is available on piratebay?

Install the Facebook application "Access others private profiles" and give it full access rights to your account, I heard that'll do the trick!

Re:A nice gesture of openness (1)

WrongSizeGlass (838941) | more than 3 years ago | (#33824064)

Well this certainly makes it much more easier to move your nonsense-data around, but how long untill all the data is available on piratebay?

I guess that depends on how long it takes a clever virus to start looking for traces of these downloads on someone's PC and start harvesting the information. My guess is less than 60 days ... but it may not be on PB first as I'm sure there are other 'markets' for this type of information.

Re:A nice gesture of openness (1)

catmistake (814204) | more than 3 years ago | (#33826820)

It's already available on Eschelon. But I think Facebook is a clever front for NSA already.

No security concerns here... (5, Insightful)

Mazzie (672533) | more than 3 years ago | (#33823604)

I hope there is an option to disable this in case your account is hacked and someone wants to download all of your data, oh wait, doh....

Re:No security concerns here... (1, Insightful)

Anonymous Coward | more than 3 years ago | (#33823686)

It would have to be a permanent disabler then, or at least require external verification to re-enable (email/text/voice message ID, whatever). Not that there's much point in disabling it anyway... webpage scraping isn't that hard.

Re:No security concerns here... (3, Insightful)

tris203 (1768578) | more than 3 years ago | (#33823962)

and if they are in your account, then they can just re-enable the option? unless there is an external factor, oh wait there already is, email...

Re:No security concerns here... (5, Insightful)

PPalmgren (1009823) | more than 3 years ago | (#33824012)

I'll have to give FB credit here where it is due. There have been major complaints that your FB data isn't portable, so they have you stuck in a lock-in. This is clearly a response to those complaints. I'll be the first to hate on FB, and I still don't have an account, but we can't have it both ways bro. This brought me one step closer to signing up.

Re:No security concerns here... (1)

aardwolf64 (160070) | more than 3 years ago | (#33824264)

Now the phishers can just mock up the Facebook e-mail. Click [this link], and enter your Facebook password to finish downloading your information. If you didn't request a download, click [this link] and enter your password to change your settings and prevent this from happening in the future.

Re:No security concerns here... (0)

Anonymous Coward | more than 3 years ago | (#33825836)

MyLife (the data broker) already downloaded everyone's profile when facebook security was lax. Check it out for yourself on their site, they will be able to link you to tons of facebook pictures, etc. from you and connect them to your address. Real nice, huh. Even if you changed your prefs to lock it all down, they got it back when it wasn't locked down.

You know (5, Informative)

Ryanrule (1657199) | more than 3 years ago | (#33823658)

Facebook used to have a feature to dump your entire profile and contacts list as a csv. They removed that in the fall of 04.

Re:You know (4, Informative)

spintriae (958955) | more than 3 years ago | (#33824514)

Nowadays you can download most of it as JSON: http://developers.facebook.com/docs/api [facebook.com] . If you're logged in, the links on that page will automatically be populated with authorization keys, so you can just right-click-save-as.

Re:You know (2, Insightful)

Abcd1234 (188840) | more than 3 years ago | (#33824950)

Probaby because no one was using it. Combine that with their desire to add new features that would break that kind of functionality, and I can see why they wouldn't want to continue to support it.

Re:You know (1)

aztektum (170569) | more than 3 years ago | (#33824966)

And are replacing it with a much more robust option in 2010.

So what's your point?

Re:You know (1)

bill_mcgonigle (4333) | more than 3 years ago | (#33828116)

Facebook used to have a feature to dump your entire profile and contacts list as a csv. They removed that in the fall of 04.

The Give Me My Data [givememydata.com] app has been working pretty well for me. If I remember to use it...

Diaspora (3, Interesting)

Rik Sweeney (471717) | more than 3 years ago | (#33823662)

Perhaps competitors like Diaspora would be interested in using this base information to germinate user seeds?

Maybe, but it already looks like Diaspora development is starting to slow down. OK, there have been some commits today, but I expected to see more activity than what's currently going on.

Remember when the source to Gish was released? A lot of activity and releases for about a fortnight and then nothing...

Re:Diaspora (1, Interesting)

Anonymous Coward | more than 3 years ago | (#33823860)

I've got no faith in the Diaspora project. From what I hear, its a slow, buggy conglomeration that doesn't even really solve the problem at hand. It requires an obscene amount of gem dependencies, and it doesn't even run on Apache. It seems like it was more of an exercise in raising money by crowd sourcing, because this project is turning out to be bigger vaporware than DNF.

Re:Diaspora (1)

Simon80 (874052) | more than 3 years ago | (#33825172)

Especially considering that DNF will probably come out first.

Well, The Response Was a Bit Harsh ... (3, Insightful)

eldavojohn (898314) | more than 3 years ago | (#33823908)

Maybe, but it already looks like Diaspora development is starting to slow down. OK, there have been some commits today, but I expected to see more activity than what's currently going on.

Well, following the release of the Diaspora source code everyone did kind of rip them apart [slashdot.org] (myself included [slashdot.org] ). We all sort of hoped that such criticism would be constructive and the developers would redouble their efforts or seek more help or new developers would aid them.

It's equally likely that after receiving black eyes instead of kudos, developers left Diaspora in droves. It might end up being a failed project with important lessons learned [slashdot.org] .

Re:Well, The Response Was a Bit Harsh ... (5, Funny)

corbettw (214229) | more than 3 years ago | (#33825234)

It's equally likely that after receiving black eyes instead of kudos, developers left Diaspora in droves.

If only there were a term to describe it when people suddenly flee en masse from a larger group of people and/or location.

Wow... (2, Insightful)

ihatejobs (1765190) | more than 3 years ago | (#33823698)

So now hackers have even more reason to go after your Facebook account. All that data in one nice, neat little download? Hackers paradise.

Re:Wow... (0, Flamebait)

Codename Dutchess (1782238) | more than 3 years ago | (#33823772)

Mod parent down. Lrn2read, spammer.

Re:Wow... (-1, Flamebait)

ihatejobs (1765190) | more than 3 years ago | (#33823792)

There's not a lot of details it but they at least require you to click a link from an e-mail and reenter your password to get this (to avoid spambots harvesting everyone's data and careless use of public computers resulting in data leaks).

Anyone that can compromise your Facebook account can compromise your e-mail account. Most users would use the same password for both.

Try not being retarded before you flame me, kay?

Re:Wow... (0, Troll)

Bobakitoo (1814374) | more than 3 years ago | (#33824008)

Hackers dont give a fuck about your farcebook account. Spamer might tho, and those can already scrape all the data from the html source. This download option is just a tool so the average user can backup and use offline his data. You, indeed, deserve to be moded down for been a fear mongering tool.

Re:Wow... (1, Interesting)

ihatejobs (1765190) | more than 3 years ago | (#33824746)

Your stupidity is astounding. A 2 second Google search shows that people do indeed care about hacking into Facebook accounts, so I'm guessing you just pulled that out of your ass because, well if you think it, it must be true!

Information is everything these days. It would also be easier for a spammer to break into your account and get one nice neat little download instead of scraping back years of data.

This tool is a download option for the average user. Its also a giant gaping security breach waiting to happen. Someone only needs to get into your account ONCE, and then they can browse years of data offline at their choosing. Just because you are too thick to see the security implications of this doesn't mean they aren't there.

Re:Wow... (1)

icebraining (1313345) | more than 3 years ago | (#33825560)

On the other hand, scraping is much safer because it doesn't send the user a email account with either the link to the download (which the spammer would have to somehow get access to) or a confirmation to change the email address.
Both would get the user suspicious and possibly cancel the request and change the password.

Scraping, as long as you have the password, is much safer. Yes, it may take a while, but that's what webspiders are for. At least the user won't be contacted to confirm a request.

Re:Wow... (1)

ihatejobs (1765190) | more than 3 years ago | (#33825656)

Chances are if they have the FB password they already have access to the users e-mail account. Lets face it, the average user uses one password for most of their online services. Why scrape when you can just download everything in one shot? If the download doesn't work (i.e the user was smart enough to use different passwords) then fall back to scraping the old fashioned way. You can even confirm access to the e-mail account before trying the download, meaning it would be risk free to try.

Re:Wow... (1)

icebraining (1313345) | more than 3 years ago | (#33825824)

Yes, but how is that a "giant security hole" compared to what they could already do? Being able to download all at once doesn't really change the fact that they'll get the data. It doesn't make FB any less safer than it was.

Re:Wow... (1)

ihatejobs (1765190) | more than 3 years ago | (#33826152)

They can download all of the data, almost instantly, and store it offline or release it into Torrentland. Scraping takes time, and prolonged access to the account. Now they only need access for a few minutes and they have everything. Changing your account password won't help since they already have everything they need and can freely and safely browse it offline.

I can totally understand why they made this move, and overall it is probably a good thing (Makes getting away from FB when it comes crashing down a whole lot easier), but at the same time they are making it even easier for people to steal your data.

Re:Wow... (1)

Schnoogs (1087081) | more than 3 years ago | (#33825058)

God forbid they see those pics of me walking my dogs....privacy freaks make me laugh

Re:Wow... (0)

Anonymous Coward | more than 3 years ago | (#33825944)

Trolls make me laugh.

Re:Wow... (0)

Anonymous Coward | more than 3 years ago | (#33827114)

You, sir, don't belong here.

how bout download your dick (-1, Troll)

Anonymous Coward | more than 3 years ago | (#33823776)

hot gay slashdick

yummm

Somehow (1)

Dunbal (464142) | more than 3 years ago | (#33823780)

This makes me glad to know that I will soon be able to download your profiles. They got the name just right.

Germ...what? (-1, Flamebait)

julesh (229690) | more than 3 years ago | (#33823814)

"germinate user seeds"?

Do you mean, "import users from an external source"? If so, why not use a phrase that's easy to understand rather than a frankly bizarre metaphor that draws attention away from what you were actually trying to say?

Re:Germ...what? (1)

somersault (912633) | more than 3 years ago | (#33823886)

I read it and understood it without even thinking about it until your post here. It's concise and to the point, I don't see what's wrong with it?

Re:Germ...what? (0)

Anonymous Coward | more than 3 years ago | (#33828166)

Granted the "author" of this story eldavojohn isn't exactly the sharpest tool in the box, there wasn't anything really wrong with that statement. Perhaps you should brush up on some reading?

This could be a game changer for Apple (2, Interesting)

MouseR (3264) | more than 3 years ago | (#33823878)

...because right now, their Ping thing is utterly useless. Downloading all your FB data, in particular, contacts, might make it easier to get started with Ping.

My data is safe (0)

Anonymous Coward | more than 3 years ago | (#33823978)

Facebook has 0 pictures and 0 info about me. Ha ha.

High times from the past (4, Insightful)

Combatso (1793216) | more than 3 years ago | (#33824174)

FINALLY!!! A way to preserve all the comments from people I havent seen in 20 years telling me we need to smoke a joint together,..

What about messages? (2, Interesting)

2names (531755) | more than 3 years ago | (#33824220)

Does this download include all messages received and sent?

ALL of your data? (4, Insightful)

davidshewitt (1552163) | more than 3 years ago | (#33824238)

allow you to download all your information from Facebook

The question is, does it really allow you to download all of your data? Does it let you download everything anyone has ever posted on your profile? If it did, this could give you some idea of what Facebook has stored about you.

Re:ALL of your data? (0)

Anonymous Coward | more than 3 years ago | (#33826112)

HUH?

Facebook has stored nothing more or less than everything you've ever entered into it, of course.

Re:ALL of your data? (1)

iammani (1392285) | more than 3 years ago | (#33827230)

And not to forget everything others have entered about you.

Yeah but, When Can I Delete It? (1, Funny)

Anonymous Coward | more than 3 years ago | (#33824304)

I don't want to have to continuously delete tags of myself, remove posts from my wall and other annoying things while I'm trying to stay off FB. It's like a god damned disease you can't get rid of. Worse yet, my wife's profile has the delete option but she's not about to use it.

-jp

Re:Yeah but, When Can I Delete It? (0)

Anonymous Coward | more than 3 years ago | (#33825280)

You can set your privacy options such that people won't be able to tag you in photos, or post on your wall if you like.

Re:Yeah but, When Can I Delete It? (0)

Anonymous Coward | more than 3 years ago | (#33825310)

Uh, download it then delete it from your harddrive? Duh!

Also (4, Interesting)

Beer_Smurf (700116) | more than 3 years ago | (#33824308)

One thing that seems to be in the same update is removal of the "Clear Chat History" button in the chat window.
There are thousands of complaints posted about this already.
It doesn't take much imagination to see how not having this feature when one is expecting it can lead to comedy.

but.....the cloud! (4, Interesting)

Sprouticus (1503545) | more than 3 years ago | (#33824494)

This is absolutely shocking. For the past few years it seems every article I have read has advocated that data be soley kept 'in the cloud' and that users will never need to download their data to a perosnal machine ever....

'The Cloud' is hype. Just like all the other hyped techs in the last 15 years (ATM will change networking, Java will be out OS, thin clients will rule the business world)

I? do think it will be interesting if real competition comes to FB how this will be used to transfer data.

Re:but.....the cloud! (1)

icebraining (1313345) | more than 3 years ago | (#33825596)

They still don't need. They can. It's different.

Not that I disagree about the hype.

Great news - groups too (2, Interesting)

ukyoCE (106879) | more than 3 years ago | (#33824704)

I can't think of any compelling reason for Facebook, as the clear market leader, to provide this service. I'm glad they did though, and it makes me feel a lot more comfortable about posting pictures, etc. there for family members without having to keep a mirror somewhere else.

I saw they're also adding some type of sub-networks or groups, so you can make a post about video games and leave out your parents, or congratulate someone about a job offer without including their coworkers. I can think of a lot of tricks to making a good implementation of this, so can't wait to see how they did it.

Those are probably the two most important features that have made me frown on facebook, so seeing both in one day is a big surprise.

Re:Great news - groups too (1)

pauljlucas (529435) | more than 3 years ago | (#33824996)

I saw they're also adding ... groups, so you can make a post about video games and leave out your parents ...

One could do that previously using Lists. However, Groups adds a "group space" for shared group content and group chat.

Re:Great news - groups too (1)

icebraining (1313345) | more than 3 years ago | (#33825666)

I can't think of any compelling reason for Facebook, as the clear market leader, to provide this service. I'm glad they did though, and it makes me feel a lot more comfortable about posting pictures, etc. there for family members without having to keep a mirror somewhere else.

Maybe the second sentence is a reply to the first? For most people it doesn't matter, but for some, being able to move in the future makes them more likely to join now.

Thank you Facebook (4, Insightful)

crf00 (1048098) | more than 3 years ago | (#33824722)

Thank you Facebook for supporting data portability and not use it as lame anti-competitive lock-in feature like Yahoo and M$ does.. I don't care how other slashdotters think, but you will earn more of my respect as you make your platform more open and release more open source projects. Well done for your effort, keep it on!

Re:Thank you Facebook (1)

Rutefoot (1338385) | more than 3 years ago | (#33826588)

They need one more option:

Give users a quick link to display a -clean- Facebook page and news feed. A lot of people are getting fed up with seeing non-stop wall posts for farmville and news feed items and application requests. I've known several people to leave the site for this exact reason. Sure, you can block various applications from showing up on your news feed, but as far as I know you can't hide them from other people's pages. Even if you could do this, it would be tedious to constantly filter out every application's posts. Additionally it's also quite possible that people may want to see the items only sometimes.

Forcing people to manually block applications (ie, income generating advertisers) only does 2 things: 1) Piss people off due to the tediousness of it and 2) Permanently eliminates those advertisers ability to make money off you. Wouldn't it just make sense to make people happy and at the same time not cut off advertisers completely?

Security (1)

mordejai (702496) | more than 3 years ago | (#33824730)

How long until spambots start sending you messages looking just like the one from Facebook directing you to a fake URL?

Probably to make Facebook more useful... (3, Insightful)

SnowDog74 (745848) | more than 3 years ago | (#33825360)

Facebook has 500 million users. At this point, they have few places to go, but down is a very likely possibility if they don't extend themselves into the fabric of the net and collaborate so they will always stick around in some form or another. Zuckerberg reportedly even made a contribution to the Diaspora guys in an undisclosed amount because he thinks the idea has merit... or, more likely, he wants to make sure there's cross-compatibility for years to come.

One other point, sort of tangential to the topic... Some of the comments in preceding discussions about Diaspora keep falling back on the "oh sure four guys in a garage with no professional experience EVER got a project off the ground" sort of sarcasm. Ok, I know it's all wonderful and cool to us nerds to rely on sarcasm and cynicism, but a little perspective should be in order as well: Facebook, Apple, Google, Yahoo and other "garage" startups... There's a reason there's only a handful of them. There are a ton of coders, but not everyone is Harvard educated, massively talented, in the right place at the right time or any combination of these. Not every coder who thinks he has a great idea can execute... ... Conversely, not everyone needs to be a Sergey Brin, Mark Zuckerberg or Steve Wozniak. In this Age of Entitlement, we all like to think life is a choice between either being rich or being nothing... but there's plenty of respectable room in between, even if all your project does is get you solid employment at someone else's company.

500 million users? (1, Interesting)

Anonymous Coward | more than 3 years ago | (#33825814)

No, they have 500 million *user accounts*.

Many of which are fake (spammers) or empty.

I guess they'll do anything.... (1)

daemonenwind (178848) | more than 3 years ago | (#33825448)

Anything at all to make people think they actually own and control the things they post to Facebook.

See? I can get it all back, that means it's mine.....

Facebook's had a run of bad press regarding lack of user control over posted content. This is just a feature nobody will use, dedicated to persisting the illusion of control that hides the fact that Facebook is "a place for Friending marketers".

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>