
Is Facebook even safe anymore? - maxxwhite
https://privacytips.jimdofree.com/is-facebook-safe/
======
envy2
Do people really hate FB so much right now that this garbage becomes the top
article on HN?

This website[1] seems to be entirely blank aside from this article, the claims
made are dubious at best and essentially unsourced, and the alleged "breaches"
discussed seem to all just be dumps of easily scrapable data or things third-
party developers (not FB) left lying around. There's zero evidence whatsoever
of actual breaches of FB servers here, which would be a major story covered by
far more reputable sources were it true.

As far as I can best see, this is trying to sell people on VPN services for
which the author gets a commission, given the embedded link to a "best VPNs"
site...

[1] [https://privacytips.jimdofree.com/](https://privacytips.jimdofree.com/)

~~~
jevans22
It's because it's such a highly controversial subject. I completely agree
there's good and bad on Facebook, but overall feel like it nets out positive.

~~~
rocketpastsix
Im having a hard time finding a positive in Facebook.

~~~
LatteLazy
I don't know how to say this without sounding aggy, sorry.

If you don't see the value, don't use it. Not every product is for everyone.
It's entirely possible that for you there is no value in Facebook use. It has
a low value for me (excluding WhatsApp).

I use it only because I think its zero cost/risk. I'm very unlikely to fall
for phishing scams and no useful (not already public) information about me is
on there.

To me this is one of the big frustrations of the article: Facebook is safe for
some and unsafe for others, it's useful for some and not for others, it's
"worth it" for some and not for others...

~~~
lozf
But simply "not using it" isn't enough. They still glean all sorts of
information about you from both your browsing habits and other people you may
know, or even those who may simply have stored your phone number or email
address in one of their devices.

~~~
LatteLazy
That's fine, but it's another example of this being a complex, personal matter
not a simple yes/no universal answer...

------
tjpnz
Working in Japan security breaches can and do happen, but when they do the
government has the ability to fine said corporation or even force them to
cease offering services for a period of time.

I get the distinct impression that US companies largely face no consequences
for data breaches and when they do it's fines that equate to less than a
percent of their annual profits. Unless something changes there is very little
incentive to start taking this stuff seriously.

~~~
tidenly
Despite all that, Japanese IT data security is a joke though. They all talk
the talk here but most systems I've seen are held together by sticks and glue
on the backend. If I didn't live here I wouldn't dream of giving my data to a
Japanese firm.

~~~
ajsnigrutin
...sony...

~~~
nsomaru
Your point being?

~~~
ajsnigrutin
Sony had massive issues with PSN security a few years ago

------
zelphirkalt
It never, or at least not for a long time now, has been safe.

Data breaches are not even the main concern. The main concern is, how FB
itself acts with your data in its pockets. Do not trust the a millimeter far.

------
eddieoz
Facebook has information as a business model.

It could be improved, like the user having the real ownership of all personal
data and with confirmation to where, to whom and when delivering it.

But, for real, will those changes please their investors?

------
hellofunk
I canceled my Facebook account a few months ago. A full delete, not a
deactivation. Somehow, I still get the occasional email notification from a
Facebook group, and it makes me really really curious to know how that could
be possible if my account is supposedly gone.

------
smt88
tl;dr The author worries that Facebook data breaches suggest unfixable infosec
problems at the company.

My response:

Data breaches are a secondary concern. Facebook has too much data for anyone
to exfiltrate a large percentage of it.

The primary bad actor is Facebook itself, which can analyze and operate on
_all_ of that data (to share with governments, partners, or psychological
experiments).

~~~
dangus
But then again, the practices you mention in your last paragraph have
literally nothing to do with the subject of this article (not saying that I do
or don’t agree with you there).

~~~
smt88
> _But then again, the practices you mention in your last paragraph have
> literally nothing to do with the subject of this article_

That's the point of my comment. The article asks if Facebook has become unsafe
because of hackers. I was arguing that Facebook has been unsafe for a long
time because of Facebook, rendering the article somewhat beside the point.

Asking if Facebook is unsafe because of hackers is like asking if a vial of
arsenic might be contaminated with cyanide. Yes, it may be contaminated, but
it was already guaranteed to kill you.

------
TLightful
Facebook = Malware

------
ForHackernews
Facebook is a data breach.

------
pacamara619
It never was safe.

~~~
fastball
Perennial reminder of a conversation early on in Facebook's life:

> Zuck: Yeah so if you ever need info about anyone at Harvard

> Zuck: Just ask.

> Zuck: I have over 4,000 emails, pictures, addresses, SNS

> [Redacted Friend's Name]: What? How'd you manage that one?

> Zuck: People just submitted it.

> Zuck: I don't know why.

> Zuck: They "trust me"

> Zuck: Dumb fucks.

------
supernintendo
The irony is that Hacker News is literally unsafe to use as it puts users at
risk of doxxing by not providing basic privacy functions like post and/or
account deletion or even the ability to change your username. I really don’t
understand why the HN crowd (which claims to be privacy focused) never seems
to call this site out on that. Did I miss the text when you sign up telling
you that everything you post will be publicly accessible for the rest of time?
Is there even a mention of it anywhere?

To answer the original question though, no Facebook isn’t safe and never was.
Delete your account. I did four years ago and I’ve never missed it.

~~~
ghaff
>Did I miss the text when you sign up telling you that everything you post
will be publicly accessible for the rest of time

While reasonable people can disagree on this point, it seems a valid point of
view that once you've publicly posted something that's part of an online
conversation you can no longer unilaterally delete it.

~~~
goatinaboat
_once you 've publicly posted something that's part of an online conversation
you can no longer unilaterally delete it._

But once you delete your account those posts can be attributed to “Deleted
User”. HN doesn’t even do that.

~~~
ghaff
I agree that's a more defensible position. Of course, there are lots of
situations--you have a bylined article "printed" in a newspaper/magazine, you
write a book, you appear speaking in someone else's YouTube video--where it's
not really reasonable to expect to be able to expunge what you've written from
the public record.

This isn't a new thing. You couldn't typically delete a Usenet post either.

What has changed is how easily and casually people can put things out in
public without editorial oversight that they may regret.

~~~
goatinaboat
_You couldn 't typically delete a Usenet post either._

In the early days of Usenet posts were ephemeral and would only last a week.
That expectation was baked into the culture and everyone was surprised to find
a sneaky organisation had been archiving it all to monetise later.

~~~
ghaff
Maybe in the very early days. But there were various archives of many
newsgroups pre-Web (much less pre-DejaNews and Google).

~~~
goatinaboat
Yes lots of groups had their FAQs for example on an FTP site, but ordinary
posts weren’t typically archived

------
dangus
Meh. Email address, date of birth, names, phone numbers aren’t private. Some
of these we even willingly disseminate publicly.

If these pieces of data are used for authentication for some other service (
_cough_ healthcare), that is a flaw elsewhere - not with Facebook.

If we are gonna be upset about this we should still be upset about Equifax,
which we totally forgot, didn’t we?

I’m now under the assumption that some kind of data breach of mine is
inevitable. It’s not worth stressing out about in a lot of ways.

~~~
goatinaboat
_we should still be upset about Equifax, which we totally forgot, didn’t we_

By any reasonable definition Equifax got away with it Scot free. No one is
expending any energy getting angry about it because it has been repeatedly
demonstrated that regulators don’t care about data breaches so what can you
do?

No company is going to care about this until C-suites and boards start going
to jail.

