
TakeThisLollipop - really clever/creepy use of the Facebook API - wesleyzhao
http://www.takethislollipop.com/
======
slapshot
Looks like it's connected with the ad agency Evolution Bureau ("EVB")
(clients: [1]), the same people who did the Office Depot-braded "Elf Yourself"
sensation [2].

Why do I think it's EVB? This is the only other site on the same IP as
manipulation.com, and manipulation.com is registered clearly to EVB. The
agency's creative work is consistent with this project too.

[1] <http://evb.com/work/> [2] <http://elf.evb-archive.com/>

~~~
caryme
It's at least the same director as Elf Yourself, according to the actor in it
([https://twitter.com/#!/billoberstjr/status/12611132567074816...](https://twitter.com/#!/billoberstjr/status/126111325670748160)).

~~~
missing_cipher
Same guy from <http://www.youtube.com/watch?v=lAihDAJX8Ow> ?

EDIT: Yup:
[http://www.fearnet.com/news/b23933_mastodon_premiere_twisted...](http://www.fearnet.com/news/b23933_mastodon_premiere_twisted_horror-
themed.html?utm_source=fearnet&utm_medium=rssfeeds&utm_campaign=rss_imdb)

------
0x12
Funny, my hosts file seems to interrupt the flow of this prank slightly.

We'll see how my s.o. reacts to it, but on my machine it does absolutely
nothing.

In case you're wondering what is in my hosts file:

    
    
      127.0.0.1 www.facebook.com
      127.0.0.1 facebook.com
      127.0.0.1 connect.facebook.net
      127.0.0.1 facebook.net
      127.0.0.1 fbcdn.net
      127.0.0.1 www.fbcdn.net
      0.0.0.0 badge.facebook.com
      0.0.0.0 blog.facebook.com
      0.0.0.0 en-gb.facebook.com
      0.0.0.0 developers.facebook.com
      0.0.0.0 touch.facebook.com
      0.0.0.0 de-de.facebook.com
      0.0.0.0 stories.facebook.com
      0.0.0.0 it-it.facebook.com
      0.0.0.0 hu-hu.facebook.com
      0.0.0.0 peace.facebook.com
      0.0.0.0 et-ee.facebook.com
      0.0.0.0 az-az.facebook.com
      0.0.0.0 0.facebook.com
      0.0.0.0 apps.facebook.com
    

A nice side-effect of this seems to be that the web has become a lot more
responsive. No more 'like' buttons popping up all over the place.

edit: regarding my s.o. it's been an interesting morning, this app seems to
have opened her eyes to facebook in a different way. No more apps.

~~~
JonnieCache
You can achieve a similar thing with the ghostery extension.

<http://www.ghostery.com/>

~~~
kgosser
Wow cool thanks for the link. Just installed it.

------
cubix
I saw a Second City improve last winter, and one of the better sketches
exploited Facebook similarly, albeit in a more lighthearted and humorous way.

Prior to the performance they would find an audience member's Facebook page
using their credit card or mailing address (presumably), and write a sketch
based on the details extracted from his or her page.

They incorporated the lucky patron's inevitable reaction into the sketch under
the pretense of reprimanding him for disrupting the show. After letting him
squirm a bit under the spotlight, the punchline was projecting his Facebook
page on the screen across the stage.

------
Pfiffer
Care to explain for those without Facebook accounts?

~~~
wesleyzhao
Indeed. So basically someone made a very high quality video of a creepy dude
in a dark room creeping on Facebook and getting really mad. Then (with some
special effects they used) they make it look like (almost perfectly) the guy
is viewing your profile page, looking through your photos, and creeping on
your friends. Then he maps your last known location on Google Maps, looks
right at you, and drives over to your house.

It's eerily realistic.

Disclaimer: not my project, found it on the web.

~~~
ricefield
not to mention that, in the car, he has a print out of your profile picture,
and a screwdriver (or is it a box cutter) in his hand as he exits the car.

~~~
zaphar
I'm betting its a lollipop in his hand. The video doesn't make it clear but
the ending title screen shows a lollipop taped to something so I feel like
that was a hint.

------
SecretofMana
For me, this was rendered hilarious by some of the images people have tagged
me in on Facebook that don't actually have me in them. Seeing the serial
killer erotically stroke a picture of a T-Pain coffee mug is rather amusing.

That being said, is there any way I can be sure besides the disclaimer that
this isn't actually saving/using my personal data outside of the video? I
guess that's part of the point, that I really can't, though.

------
lukejduncan
I don't have facebook. Anyone mind writing a tldr?

~~~
Peroni
It's a facebook app. It asks your permission to access pretty much everything
on your profile and when you finally accept it cuts to a fullscreen, high
production video of an incredibly creepy actor on a computer in a really dingy
room. It then cuts to the computer screen and shows the creepy guy scrolling
through your profile page in a very realistic manner as well as clicking
through some of your photo's and friends. The guy looks more and more
irritated and angry and he goes and looks up your location on google maps
(with mixed results, mine was relatively close).

It then cuts to him driving with a picture of your profile pic stuck to his
dashboard, the whole time you get the feeling this guy is tracking you down
with the intention of hurting you.

Really creepy and incredibly well done and surprisingly not obvious in terms
of what they are promoting.

~~~
mvzink
What __are __they promoting?

~~~
Peroni
No idea to tell you the truth. This is probably one of those 'build the hype,
keep people guessing' campaigns and eventually it will all come out.

There really was nothing in the clip that indicated any form of a product or
brand. It could be a movie teaser or a teaser for a TV show and if it is, I
for one will watch it.

~~~
0x12
Whatever it was they should have anticipated the popularity a bit better, they
seem to be down/very slow for hours now.

------
flexd
This actually just freezes for me/nothing happens after I click "Connect with
Facebook". Chromium 12.0.742.112 (90304) Ubuntu 10.10.

~~~
ma2rten
I had the same. I looked at it in chrome inspector and it turned out the
reason was that I didn't allow the 2nd set of access rights, because it said
it was optitional.

~~~
Fliko
I didn't allow them and it still worked for me.

------
driverdan
Why would anyone authorize Facebook access for a random site like this? No
privacy policy, no about page, no terms. You have no idea what they're
actually doing with your data.

~~~
yangyang
Maybe that's the point of it - most people won't think twice about
authorizing, but might realise what they've opted into once they see it.

------
VonLipwig
That was amazing. You know its a joke.. but the production value is so high
your can't help but be really creeped out by it. I have removed every app
which I have signed up to from accessing my Facebook account. I have also
bolted my front door.

 _shivers_

~~~
ltamake
I know, it's effing creepy.

I wasn't planning on sleeping tonight anyway!

------
rane
I gave the guy all those details and pics while authorizing the app!

There's no way too see those things without being my friend.

~~~
georgemcbay
There's at least _one_ other way... make a creepy viral lollipop site, get it
on the front page of hacker news, et al.

------
mindstab
One interesting thing about how this was designed, it for some reason doesn't
get your location from your facebook profile. It uses your IP address, which
led to hilarious results because while my facebook rightly says where I am, I
was using a SOCKS proxy to access this in a different city and when it showed
him looking at a map it showed the route to my SOCKS proxy instead of me. I
guess I'm safe and the crazy guy won't kill me :)

~~~
arnorhs
Not by IP, FWIW. I'm in Mountain View but the guy seemed to want to find me in
Reykjavik, Iceland, where I'm from. (I moved to the Bay Area a month ago, but
haven't update my FB)

~~~
rufibarbatus
This guy over here [1] claims the video tracked his last foursquare check-in.
I'm guessing the location algorithm tries to find a best guess of where you
might be — hence the inconsistent results.

[1] [http://www.jenders.com/2011/10/18/take-this-lollipop-and-
the...](http://www.jenders.com/2011/10/18/take-this-lollipop-and-the-
importance-of-facebook-privacy/)

------
stef25
I wonder if it would be possible to for the app to send you an sms (or even
call you!) with some creepy "I'm outside, baby" message at the end of the
movie.

~~~
Peroni
Very clever but I imagine it would be cost prohibiting given the amount of
people that will try the app out.

------
hiraki9
That was very, very well done.

How did they do video compositing on top of an embedded browser window in
Flash?

Perhaps they pre-rendered the webpages server-side using WebKit or some such
and sent a screenshot to Flash....

~~~
egiva
Flash has the capability of incorporating dynamic content in flash-driven
movies. See how to do it (easy example), here:

UPDATE: better link here: [http://flashexplained.com/actionscript/loading-
external-jpgs...](http://flashexplained.com/actionscript/loading-external-
jpgs-into-your-main-swf-movie/)

------
codezero
My guess is that this is an advertisement for LCD monitors... the guy went
crazy because he's still using a CRT... poor fella.

------
steilpass
Revoked access to tons of applications.

~~~
ljf
Likewise, found about 30 that I had allowed access to - no idea when I did
half of them! All gone now!

~~~
steilpass
Same here. And when I was at it I looked at Twitter.

------
strickjb9
This is a genius idea. I'm sure it will go viral and everyone (including their
mother) will give this site a test drive.

I can only assume that it is designed to do one thing - data mine.

~~~
dolphenstein
It has the power to post on your wall as well.

Removed the app before they pull that one....

------
robinduckett
It's nice that you can disallow the permissions granularly, for example, I
didn't mind it accessing all my data, but posting AS me on facebook? No.
Disabled. Happy days.

------
toast76
This could be exactly what I need to finally get my wife off Facebook....

------
bteitelb
The production value is very high. FB Open Graph Protocol meta tag found in
source:

    
    
      <meta property="og:type" content="tv_show"/>
    

Perhaps it's a viral media stunt to promo a new TV show.

~~~
wesleyzhao
I'm not sure that it is, but now that you mention it I feel like this could
actually be a REALLY effective viral media stunt for a new TV Show/Movie...

------
paul9290
Here's a similar thing from summer 2010. You and your friends inserted into a
horror movie trailer.

<http://www2.lost-in-val-sinestra.com>

------
caryme
It looks like this was made by Jason Zada (<https://twitter.com/#!/jasonzada>)
according to a tweet by the actor
([https://twitter.com/#!/billoberstjr/status/12614080094496358...](https://twitter.com/#!/billoberstjr/status/126140800944963586)).

------
itsnotvalid
If you don't want sites like this to view your stuff, please also set the
privacy setting for applications your _friends_ use to a better one. Or else
you would be _next_.

P.S. Since you connect to that application by yourself, that is pretty clear
that they can read your friends list, your feed and post as you.

------
runn1ng
What exactly happens after the one hour on the end? Can't afford to wait right
now

~~~
wesleyzhao
he knocks on your door

~~~
robinduckett
Yeah, good luck to him finding "X5, Cardiff".

There isn't an "X5" postcode here, nor is it anywhere near where I was last
time I did a location based update. The inaccurate google map thing is what
made me lul.

~~~
estel
I /do/ share location with Facebook, but I sent the guy off looking for " ,
(null)". I doubt he'll get there soon.

------
sebastianhoitz
There was something similar with "Notruf Deutschland": <http://www.notruf-
deutschland.com/teaser/>

They had a similar "approach" :)

Still, very nicely done!

------
kennywinker
Oooh! Well played. I really want the candy, but I know they're going to do
something bad with the information they take from me... I'm still tempted.

Ok, so I did it and now I'm never sleeping again.

------
Hitchhiker
Brilliant.. could help people think more clearly. Another play on these
issues, <http://youropenbook.org>

------
klausjensen
Would seem like the viral success has overloaded the site... I can't get it to
play any longer, and it worked an hour ago.

------
ben_hall
What happens when the countdown gets to zero?

~~~
neoveller
I tested this out for you. It just stops at 00:00:00 and nothing happens at
all!

------
lzell
Google street view would have been a nice addition too, depending on the
accuracy of the geo lookup.

------
technogeek00
Quality is fantastic, I too am curious as to how they are generating the pages
into the movie.

------
hermannj314
It killed the mood when he searched for ,(null) in Google Maps, but otherwise
pretty freaky.

------
jmilloy
I don't think I get it... when I let a facebook app access my facebook, it
can... access my facebook and look at my pictures? anyone can look at my
pictures, anyways. i'm missing something here

~~~
darklajid
I seriously hope you're not serious.

1) Of course, you _can_ allow everyone to see your pictures. That's not
necessary though and one of the (many) privacy concerns this site seems to
focus on. If you share your pictures, you share a HUGE amount of data. Ignore
the passed out/joking stuff, you might tell me a lot about your place
(expensive stuff in the background? pictures that show a street name?) and
your habits (always going to his parents on weekends. currently on vacation).
This is, in theory, very easily exploitable, for someone with a criminal mind
and the balls to pull of a stunt.

2) Regarding Facebook apps: Well, don't allow those to access your data? You
saw what this app did (and automatically, without a human involved). It can
exploit the date your coughing up every day in ways that you probably didn't
think about before.

Bottom line: If you're the 'share with everything and play any FB game' type
this might not shock you, but others might wake up and stop being very
careless with their own private data.

------
gurraman
A little video that gives you the feeling of this, without the
personalization:

<http://www.youtube.com/watch?v=-xBA0mpWuuo>

------
mikeburrelljr
Amazingly well done... Now, I'm going to cry myself to sleep.

~~~
skeletonjelly
In the same position. Had the new Walking Dead season playing on the TV in the
background. Great, great combination.

------
snaveint
That is impressively creepy. Wow. Anyone know the background?

~~~
davidw
He is seriously pissed off that you are advocating the use of Emacs over vim
in some Facebook group.

~~~
mahen23
haha, good one.

------
omid
My 64bit flash player 11 on Linux crashes right away!

------
Axsuul
Doesn't work for me? Do I not have enough info?

------
alanh
Hilarious that the content & domain name could lend this to being classified,
in some filters, as a “shock site” ;)

------
Cushman
Mobile Safari: "You need at least Flash Player 10 to view this page."

Apple saves the day again!

------
polemic
Keeps cutting out part way through, but VERY well done.

------
oscardelben
Geoffrey Grosenbach is next. Oops

------
chippy
crashes flash

------
tomasienrbc
This is a pretty disruptive use of the Facebook API. Personalized
entertainment content, I love it!

------
mahen23
Good luck finding me in the middle of the Indian Ocean dork

