Langsung ke konten utama

A Real Facebook Privacy Issue

Click to view large
I'm not one to freak out my personal information getting "leaked" from my mostly private Facebook profile, mainly because I don't publish things that I don't want people to know, but this is another story. This is a REAL Facebook privacy issue.
I Googled my email address (as I occasionally do) to see if it was indexed anywhere, because I like to keep it off the grid as much as I can. As it turns out, Facebook is the ONLY website that publishes my address, and the thing is...I don't even use that address on Facebook.

So what's happening here? Well, Facebook's "Opt out of emails from Facebook" page is getting indexed by Google. I'm assuming (based on critical thinking and moderate fact checking) addresses appear on this page if the following criteria are met:
  • Email address is not tied to an account on Facebook
  • Email address has been submitted by a friend using the "Find a friend" feature
What makes this a big problem is the fact that you can find THOUSANDS of email addresses by doing a simple Google search like:
site:facebook.com "Do you want to stop receiving Facebook emails" - fixed by Facebook
or
site:facebook.com "Do you want to stop receiving Facebook emails" @gmail.com - fixed by Facebook
Queries like this returned thousands of results, and I'm sure with a little digging, you could find more.
One obvious problem is that spammers can easily scrape this data and add easily legitimate address to their lists, many of whom might not give their addresses to Facebook for a reason. I actually remember seeing this problem a while back (maybe 6 months to a year ago), but forgot about it. I'm a little surprised that this one has slipped through the cracks for this long.

Follow me on Twitter and I'll let you know how this thing turns out.

Update: Sachin Agarwal pointed out on Hacker News that a lot of addresses getting indexed are secret addresses that people use to post to blogs (ie: Blogger). Yikes.

Update: It looks like Facebook has fixed the issue by preventing search engines from indexing that page. A big thanks to Blake Ross from Facebook for joining the thread on Hacker News to find the root of the problem and get it fixed. My email address is safe, once again!

source : http://corywatilo.com/a-real-facebook-privacy-issue-email-addresses

POPULAR

Kerajaan Jeumpa, Kerajaan Islam Pertama Nusantara

Teori tentang kerajaan Islam pertama di Nusantara sampai saat ini masih banyak diperdebatkan oleh para peneliti, baik cendekiawan Muslim maupun non Muslim. Umumnya perbedaan pendapat tentang teori ini didasarkan pada teori awal mula masuknya Islam ke Nusantara. Mengenai teori Islamisasi di Nusantara, para ahli sejarah terbagi menjadi 3 kelompok besar, yaitu pendukung (i) Teori Gujarat (ii) Teori Parsia dan (iii) Teori Mekah (Arab). Bukan maksud tulisan ini untuk membahas teori-teori tersebut secara mendetil, namun dari penelitian yang penulis lakukan, maka dapat disimpulkan bahwa Teori Mekkah (Arab) lebih mendekati kebenaran dengan fakta-fakta yang dikemukakan. Teori Mekkah (Arab) hakikatnya adalah koreksi terhadap teori Gujarat dan bantahan terhadap teori Persia. Di antara para ahli yang menganut teori ini adalah T.W. Arnold, Crawfurd, Keijzer, Niemann, De Holander, SMN. Al-Attas, A. Hasymi, dan Hamka. i Arnold menyatakan para pedagang Arab menyebarkan Islam ketika mereka mendo...

10 Daerah di Indonesia Yang Menghasilkan Wanita Cantik

Kalau  kita  ngomongin cewek cantik, mungkin tidak akan ada habisnya, hampir disemua kota  di negeri kita pasti ada yg cantik-cantik, ini saya ambil dari salah satu polling yg dilakukan di salah satu situs indonesia, Kota kota dengan populasi cewek cantik. 1. Bandung Ini dia, kota yang menurut sebagian besar pemilih mempunyai populasi cewek yang cantik2. Perpaduan kulit mulus, body bagus, wajah yang rata2 "baby face", senyum menawan, murah senyum dan tutur kata yang halus.

MyWare: Personalized Service or Invasion of Privacy?

There's a fine line between what is considered a knowledge database and an invasion of privacy, and that line is likely to be determined by marketing. This week we wrote an article about Please Rob Me - a service that identifies Foursquare and Gowalla check-ins on Twitter and lets others know that a person is not home. While location-based services are often touted for their social and recommendation-based benefits, the realization that they can be used negatively have many questioning the responsibility of those groups that collect the data. In mid January Facebook founder Mark Zuckerberg stated that the age of privacy had come to an end and we responded that evolving preferences were not a valid justification of the elimination of privacy preferences . Nevertheless, between cookie tracking and browser identifiers like those shown in the EFF's Panopticlick and the fact that it only takes your zip code, gender and birthdate to identify you, it's hard to ensure to...