
Abusing Facebook's "Publicly Available Information" - jackowayed
http://nathanhammond.com/abusing-facebooks-publicly-available-information
======
cmelbye
It was a huge shock when I realized what Facebook was doing when they prompted
me to update my privacy settings. Before, most of my profile was private. In
the new privacy wizard, though, they had automatically selected for my posts
(e.g. status updates, links) to be visible for everyone. Is this their plan
for beings "more like Twitter"? Tricking people into making their posts
visible to the world? I was about to just click "Next" without changing the
settings (as I assumed they would keep them the same), but I'm glad I read
closer.

~~~
colinplamondon
The thing that annoyed me was that I knew it was coming, I knew they were
trying to trick me into making all my stuff public, and their little wizard
still turned on a bunch of my photo albums to public.

I had to spend five minutes combing through their privacy tools to fix all the
things their privacy wizard got wrong. My preferences aren't that hard- keep
everything private to everyone but friends of friends, period, full stop.

~~~
cmelbye
Yeah, I had to go through my mother's account and fix that. She keeps almost
everything as private as it can be (Friends only for most things), but the
wizard changed her settings to completely the opposite of what she wanted. I'm
wondering how feasible it is for technically illiterate people to go through
and fix their privacy settings or know what the wizard is doing to their
settings.

------
scott_s
My entire Facebook profile has been public for a while now. I've known for a
while that this is the direction FB was going in, and I find it's much easier
to answer the question "Am I okay with the whole world seeing this?" than
weighing the probability that someone I didn't intend to see something will
see something against the content of what I want to say.

Everything you put on the internet is public. If you're uncomfortable with
some people seeing something you said or did, then don't put it online.

~~~
pxlpshr
You're telling me, stuff I put on the internet back in 1998 is still public.
My family had quite the laugh one time at a reunion when some of the old stuff
came to light...

To your point, being transparent on Twitter and Facebook helped us secure the
investor that we did. I think we would have had a harder time if it wasn't for
these "tools". I use to view Facebook more privately when I was in college,
but now there's Fb Connect + more interest in my career over sharing personal
life tidbits.

There's a relative level of privacy that I never have to question when I keep
personal stuff, personal...

------
dmnd
To respond to one of the article's examples, maiden names and family
relationships simply should not be used for security purposes.

Making this information public by default will be very beneficial for
genealogical purposes. Why prevent this in favour of perpetuating broken
security questions?

~~~
nathanhammond
Agreed. The real issue is with sites posing a "security" question that is
researchable. However, this is still a very common problem. I've taken to
giving a password when somebody asks for my mother's maiden name.

I'm in favor of genealogical research, but by my estimation that isn't nearly
as difficult these days and Facebook probably poses no obstacle nor
discernible benefit. I was simply pointing out a possible vector of exploiting
the information and that was the first one that came to mind.

------
markessien
It may be a bit difficult to understand, but most people in the world are
constantly shouting: I exist, look over here, notice me! That's why all the
kids dream of being famous.

Understand it: People don't want their thoughts or their photos or their words
to be private. Some do, but most want to be in the center of things, have
everyone read what they say, have people talk back to them, even if they are
strangers.

It seems to me the people who want to be as private as possible are the people
who are already famous.

~~~
CapitalistCartr
I think you have a good point, but in this case Facebook seems to be doing
this for their own marketing purposes, not to give customers anything they
want, or even that Facebook thinks they want. I just finished trying to set
all my privacy settings in Facebook to how I want them. I know exactly what I
want. After many pages of pointing and clicking, at what should be on oen
page, I still haven't found some of them.

------
johnl
Facebook should go in the opposite direction. They should make their
information public but forget about getting down to the individual level. They
still have to figure out how to monetize what they have. Do themes and summary
levels to start with and market that, protecting the user's privacy.

------
sysk
Someone should invent a new buzzword for people obsessed with privacy.

~~~
potatolicious
This isn't obsession - I was shocked yesterday when Facebook prompted me to
update my privacy settings, and I found that in several places they chose (by
default) to _loosen_ privacy in significant ways.

This is deliberate and sneaky - if someone just clicked through the dialog
they'd automatically sign up to broadcast to the world what was before set as
private communication.

~~~
foldr
All you have to do is select the "old settings" option for everything and it
keeps it all the same. I don't know what is so hard to understand.

~~~
nathanhammond
That is not the case, as explained here: [http://dotrights.org/what-does-
facebooks-privacy-transition-...](http://dotrights.org/what-does-facebooks-
privacy-transition-mean-you)

The discussion on that blog mirrors my experience with the tool, I had to
reset most of my things to "Only Friends" after going through the tool.

~~~
foldr
The link you give doesn't say anything about settings in the new privacy
wizard failing to take effect. I set everything to "old settings", and when I
went to my privacy page it had indeed kept all the old settings.

I expect people experiencing this just forgot to click one of the radio
buttons or something. It would be better if the wizard defaulted to "old
settings" for everything, but it really isn't that hard to use.

~~~
nathanhammond
My apologies, you are correct about that article. For some reason I thought
that article provided better information.

I can however state that from my personal experience all of my information was
set to "Only Friends" and after selecting "Old Settings" for everything, most
of my privileges were reset to "My Networks and Friends" ... I don't have
documentation of that, but that was my experience with the tool. I had to
manually go back through each to make it map to my desired privacy settings.

