

Wikileaks Founder: Facebook is the most appalling spy machine ever invented - fosk
http://thenextweb.com/facebook/2011/05/02/wikileaks-founder-facebook-is-the-most-appalling-spy-machine-that-has-ever-been-invented/

======
forgottenpaswrd
Shocking but true. When I read my grandparents diary about the Spanish civil
war(1936), I see they killed people for getting info about the relationships,
friendships of the principal leaders so they could kill selected people and
destroy entire public movements.

That happened in WWII too. When Soviet Russia entered Poland, the first thing
they did was to investigate the links of relationships of the Polish
resistance. They kill every single of them so nobody opposed the Soviets(if
they opposed German domination they would oppose Soviet too).

That was not far ago. Today a single American company could store all your
public information, and your messages(audio transcribing is starting to work)
because you give them.

Facebook is great as a concept, but It would be a better idea using private
implementations with your own servers not depending on a commercial company.
Something simple to use with open communications...

~~~
shazow
On the upside, the prevalence of things like Facebook also introduces a lot of
noise and weak social links.

Half a century ago you coud make a precision strike and kill half a dozen
people to cripple somebody's life. Today you could start clipping off
someone's 500+ Facebook friends or Twitter followers, but it gets really
impractical really fast and the impact wouldn't be as strong.

Back in the day, you'd find a stash of letters and find your targets. Today
Google, Facebook, and Twitter have hundreds of thousands of messages between
me and thousands of other people. Where do you start? Especially if you're
looking for something very specific like signs of strong relationships, your
thesis on this could very well be its own startup or sociology study.

Having more data than you can swallow is cool and all, but pulling something
valuable out of it is its own non-trivial task. Throwing raw computing power
at it doesn't fix it either.

(Side note: I'm all for private/secure/distributed/federated implementations
of... everything.)

~~~
wdewind
If you've got the data it's not hard to figure out who the 5 most important
people in someone's life are. Shear volume alone would give you a pretty good
estimate I bet.

~~~
shazow
Volume of conversations with people on Facebook != volume on Twitter != volume
on email != volume on IM != volume on the phone != volume IRL. [1]

Also it varies drastically year to year. I'm betting this wasn't the case 60
years ago.

Maybe I'm a special case.

Edit: [1] I mean that the social graphs vary drastically between social
networks. In fact there's almost no overlap with people I talk to on each
network. Kill them all?

------
sethg
The other day I met a guy who belonged to the MIT card-counting team portrayed
in the book _Bringing Down the House_. He mentioned that casino security
departments are now looking up their patrons on Facebook: if five people show
up at the blackjack tables at the same time and act like they don’t know each
other, but they are friends with one another on Facebook, then they are
presumably Up To Something.

~~~
ssharp
This is pretty interesting. I know casino security is a business where a
consultant can develop a technique and sell them as services to casinos
(allowing them economies of scale), but it's still pretty crazy how much
effort casinos will put out to thwart non-mechanical card counters. I wonder
what casinos estimate their annual loss to card counters?

~~~
sethg
If you (where “you” can be an individual or a team) know how to count cards
and are disciplined about following the technique, and you patronize a casino
that doesn’t catch you, there is a slow leak of money from the casino’s pocket
into yours. The whole business model of casinos depends on the slow leak going
in the _other_ direction.

~~~
dtby
This comment is completely unhelpful.

~~~
raganwald
Did you mean to imply that another comment is completely unhelpful, or was it
your intention to invoke the Epimenides paradox by writing a comment that
claims itself to be unhelpful?

[https://secure.wikimedia.org/wikipedia/en/wiki/Epimenides_pa...](https://secure.wikimedia.org/wikipedia/en/wiki/Epimenides_paradox)

~~~
dtby
How clever. The intent was more than apparent.

~~~
raganwald
Perhaps I've been reading too much Raymond Smullyan, I apologize if it came
across as a criticism of your comment. In fact, I thought the ambiguity was
clever on your part.

~~~
dtby
No worries. I thought the Planet without Laughter was particularly
entertaining.

It's also amusing in its own way to watch my comments get voted down.

I have, undoubtedly played more +EV games versus a casino than anyone on this
site. (And, yes, I will bet on that, too!) But some sort of egalitarian sense
of correctness has driven the "value" of my comments below yours.

I cared enough to make a 2nd (and now third) comment about it, but really, I
don't care. So that kinda sucks.

~~~
mitjak
Laughter? Was this supposed to be a joke?

------
mun2mun
relevant [http://www.theonion.com/video/cias-facebook-program-
dramatic...](http://www.theonion.com/video/cias-facebook-program-dramatically-
cut-agencys-cos,19753/) (in a funny way).

~~~
zyfo
What's with the downvotes? It's related. Just because it's satire doesn't make
it cheap and useless. Upvoted.

~~~
ignifero
Favourite quote: "The people who use foursquare are people that no one would
mind seeing bombed anyway..."

------
evanwalsh
Despite the article's linkbait title, Assange does have some legitimate
points.

It's all kind of frightening, actually.

~~~
oliveoil
53 people recommended this.

~~~
bbk
I see you had replied about an hour ago. Now its 548.

------
maigret
What I am missing in this discussion: how do we develop a system that is not
spying that way? Let's propose and find ideas.

~~~
Ixiaus
Owning your data is the only way to keep "other people" from owning _your_
data! A distributed F2F (friend to friend) graph of nodes (people) in which
every node (person) has the "software" to connect with the other nodes and
share information with their social graph.

The hard part there is securing it. But, with an underlying framework (like
<http://gnunet.org>) that handles anonymized, F2F, and encrypted network
topology you can build a "distributed facebook" that can share photos - events
- stories - timelines - videos - &c... The cool part about software like that
is the individual user is in 100% control (if it's open-source) of _their_
data and what is done with it (want to share that sexy-time video with just
your gf?).

GNUnet is a viable solution at this point because the project is building an
open-source framework that handles the really hard features of a distributed,
secure, and anonymous F2F (or P2P if you want, but that's less securable)
stack on-top of the network stack. With GNUnet, all you need is to build the
"features" on-top of it - the other cool thing about it too is that it would
be a desktop application (not through the browser).

There are other issues to overcome with such an implementation, but, in short
that is how you would do Facebook the "alternative" way. It's how Diaspora is
"trying" to do it (without much success because the underlying network
topology and security is a very difficult problem).

~~~
maigret
Yes. I know a bit (not much) around the principle of distributed soc nets. I
have a diaspora account, but not much is happening there, partly because they
are very few features (no chats, no photo app...).

This system is interesting, but maybe an alternative solution would be needed?
Frenzy is the kind of idea I'm thinking about... It has flows, but it seems
much more doable - builds on another network, but could possibly be platform
agnostic (what about a Frenzy working on Ubuntu cloud or even directly on
AWS?). Something with few features, but exciting like Twitter.

Maybe I am wrong... It seems to me that the biggest problem here isn't to have
a minimalist app running, but rather getting the critical mass joining. Feel
free to comment :)

------
atacrawl
I guess I sort of see his point, but isn't he overstating things? Take
Facebook out of the equation, and it's still incredibly easy for intelligence
agencies to find out everything about you. They can still tap your phones, do
surveillance, check your bank records, bug your home and read anything you
write online that doesn't happen to be on Facebook. _Maybe_ Facebook made some
of that easier, but it certainly didn't make possible the impossible.

~~~
forgottenpaswrd
No, it is not.

With facebook they could know about you EVEN when you are not into facefook.

You know , they make people tag their photos with the names on it, with face
detection. So the tree letter agencies (NSA..) have registering of events they
previously did not have access to: Your friends weeding photos tells them you
were there. They do not have to ask anymore. They know everything about anyone
with redundancy(multiple people making photos). You are your friends spy.

Once you tag your photos you do their work, instead of having to analyze 5
million pixels x 4 bytes = 20MBytes of data per photo, you reduce it to a
20Bytes name they can plot on a link graph with 1 million more with minimum
effort.

~~~
chopsueyar
But the entity must exist within Facebook's system for it to be tagged, no?

Can you tag photos of people who are not members of Facebook?

~~~
andypants
You can tag people without linking to an actual profile. You can still
manually type a name or any other text.

------
defroost
Last year we read about the Administrations proposed legislation that would
require software companies to build "backdoors" into their online
communication systems [1], but as Assange points out, they may already be in
place.

[1] <http://www.cato.org/pub_display.php?pub_id=12196>

------
nametoremember
If it appeared that Facebook had developed a portal for government agencies to
access and monitor people then it would be a big deal.

If they have implemented a way of looking up or monitoring things by
themselves (and they obviously have and need to) and just give that
information when the government comes knocking.. that's less bad.

~~~
forensic
All signs indicate that Julian Assange is correct about Facebook information
being completely and easily accessible, without judicial oversight, to US
intelligence.

This should not be surprising either, considering laws such as the USA Patriot
Act and the long history of illegal wiretapping and illegal surveillance in
general conducted by American intelligence agencies, with impunity.

Any skepticism about Facebook's availability to the NSA and CIA is, frankly,
completely naive and ignores history among other things.

~~~
edanm
"All signs indicate that Julian Assange is correct about Facebook information
being completely and easily accessible, without judicial oversight, to US
intelligence."

Do you mind showing some examples of these signs?

I'm not particularly skeptical, but it's the first I've heard of automated
interfaces like these.

~~~
neilk
Here's an article Bruce Schneier wrote about a similar system at Google.
Apparently, the Chinese hackers (widely speculated to be backed by their
government) hacked into Google using the backdoor put in place for the US
government.

<http://www.schneier.com/essay-306.html>

And the rest of the article lists all kinds of other examples that exist
worldwide.

~~~
ntoshev
Do you have any link describing this backdoor and the procedures to use it
(grandparent's claim "without judicial oversight" is the critical bit here)?
Schneier just mentions it without reference.

~~~
trotsky
I think it is fair to assume that the US Intelligence Community is likely to
work pretty hard to conceal or obfuscate their best methods of open source
intelligence gathering. Public documentation of such extrajudicial operations
is likely to be heavily discouraged, and through the patriot act tools like
NSL's are available to enforce that.

Consider the warrantless wiretapping program that went on for 5+ years. We
know that tools for court ordered intercepts were in place through CALEA and
others. We also know that the telcos were told and accepted that FISA warrants
were not needed for this monitoring. Similarly, we know that facebook
obviously has tools in place for responding to warrants, and that it is
probably true that facebook can legally reveal much/all of your account if
they want to without a warrant. Facebook is quite likely to view building a
friendly relationship with the IC to be beneficial.

Another way to think about it: Intelligence agencies strongly discourage the
use of social networking applications both by their own employees and other
federal agents.

I find it completely credible that any number of friendly and hostile
intelligence agencies and security services have widespread access to facebook
data and other social networking sites through a variety of means. It's
unlikely to be as ham handed as the <https://dni.facebook.com/> you might
imagine, but it's most assuredly there. It's simply too attractive to not be.

~~~
chopsueyar
Reading this, I realize it would be fairly trivial for a foreign government to
have an operative working at Facebook as a developer with widespread data
access.

Facebook doesn't yet require security clearance for employment.

------
r00fus
I like what one commenter said on slashdot: Facebook is a reverse wikileaks.

Everyone puts all your information into a corporate-owned box, to be
aggregated and analyzed by powerful players.

Hell, you can even "finger" others by tagging them on photos.

------
theprodigy
This guy is definitely correct.

Information Awareness Office
<http://en.wikipedia.org/wiki/Information_Awareness_Office>

I am pretty sure something similar to this exists now. The new threat to
america are not from soverign nation states, but from non state actors.
Solving the data fragmentation problem by combining sources of personal
information about behavior and life will make it easier for the gov to stop
attacks or catch a person. Combining sources like your facebook, financial
transactions, credit card bills, websites you visit (by using facebook
connect), travel history (past plane tickets that are linked to your credit
cards) can all be combined together and a predictive analytical tool can be
developed for automated red flag for things that are deemed suspicious.

Facebook can do the same thing but use the information to predict who you are
as a consumer, who you influence, how popular you are, etc to deliver targeted
ads, etc.

------
rglover
Assange's claim that Facebook and the other myriad social tool's he mentioned
are spy tools is a bit embellished. He's right in that U.S. intelligence
agencies can and will gain access to the data stored by these services (if
necessary). However, saying that it's inherently a spy tool just seems a bit
on the Salem side. If there's information about us or our lives that we deem
sensitive, the last place you want to put it is online. There's noted security
flaws in pretty much every system out there and to dismiss that reality is a
bit naive.

There's most definitely a problem with security in this era, but it's
important to note that we're the one's doing it. Honestly, anyone who may
expose sensitive information should have Facebook or any other online presence
on the top of their list as things NOT to use. When you're being nefarious
communication is a bit difficult, eh?

------
wildmXranat
Never let yourself, your loved ones, family and friends be cataloged by any
company other than the mandatory government citizen list.

Call me paranoid, but there is absolutely no reason for a social network at
all. Social engagement and links, and poking and other shit is not a benefit
to me. It's not a benefit to people even though they like to pretend it is.

In return for handing over all that information you have gained a monitored,
controlled, censored and limited way of communicating. There is a reason why
speech is protected. Why put a secondary layer of control on how you choose to
express yourself.

Taking a page out of a way-back-machine, making links between people for
complete eradication of opposition during WWII, was key in killing off most of
noble and intelligent opposition in Poland.

------
aksbhat
I believe that the benefits of a social network such as Facebook outweigh the
risks. The problem is that, it is very hard to quantify the positive effect
which arises from small interactions. Sure there is huge scope for
improvement, but one could have made similar arguments against telephony when
it was invented.

I believe we are still to see rise of real social network based applications.
e.g. something that allows us to estimate trust for a person, given his and
your social network.

~~~
alecco

      > I believe that the benefits of a social network such as Facebook
      > outweigh the risks.
    

That's a false dichotomy. There are systems for social networks with decent
privacy schemes.

~~~
eropple
There are systems for social networks with decent privacy schemes. Those
systems also have a number of users that approximate a rounding error.

As such, the dichotomy is not false in practice.

------
njharman
That's like PETA founder saying foie-gras is bad.

I'm be more impressed/interesting if NSA/CIA director said something similar.

~~~
kragen
I have heard rumors that the NSA and CIA directors have promulgated policies
against their employees using Facebook and similar sites.

------
ignifero
Spying? - maybe, for lame spies. It's manipulative, deceptive, hideous in its
exploitation of group psychology, but the information it contains is trivial
and only the lamest of spies or terrorists would use it. It's the world's
greatest reality show and that's all. If I were CIA i would search for
suspects among the people that are not on facebook. Assange himself is on
facebook. He's a smart guy, and i don't think that statement makes him
justice.

------
shareme
is he aware of what is fake an real anymore? can we say HBGary..ah yes we can

------
mahrain
Not surprising that Assange doesn't do much social networking, it seems all he
publishes is through Wikileaks, which does have a Twitter account.

This explains why.

He used to have a blog which can only be found through archive.org.

~~~
e40
I find it interesting that the people that founded FB don't do social
networking much. Telling, IMO.

~~~
code_duck
Sure, but does patio11 play bingo every day? You don't have to be passionate
about the particulars of a product to decide to capitalize on an opportunity.

(Seems like this has been an example around here before!
<http://news.ycombinator.com/item?id=1520311> )

~~~
omouse
This is different, this is about personal information being made publically
available.

~~~
code_duck
One can't assume they don't use it due to worries about personal information
being public. Perhaps they really just aren't as interested as the people who
use FB daily.

Also, since they're very wealthy public figures, they really do have to be
more careful about their private info vs. the care Joe Schmoe in Hoboken
should take.

~~~
omouse
_they really do have to be more careful about their private info vs. the care
Joe Schmoe in Hoboken should take._

You know that poorer people have property and troubles of their own that
requires personal information staying personal.

------
dvfer
At least people should know that before using it...not everyone has many
secrets to hide. What's the point hiding who you make friends with, and public
conversations? Trying too hard to stay off the grid is rather creepy...

~~~
JoachimSchipper
Is hiding my friends _less_ creepy than trawling through my friends, friends'
friends, friends' friends' friends, and so on?

~~~
dvfer
no. Both are creepy. Can't people use it like a normal person? It has to be
either extremely conservative or extremely nosy?

------
known
Your FB a/c is like your <http://en.wikipedia.org/wiki/Diary> but public to
all <http://youropenbook.org/>

------
darksaga
Oh Julian, how arrogant you are. Every time I read this guy spouting off, he
just continues to lose credibility and respect. If you don't want employers or
any other companies looking you up on social media, then don't use it - or
just use an alias or a fake name.

Nobody HAS to have a Facebook page or partake in social media. If you don't
want people tracking you, then don't use it. DUH

~~~
aw3c2
Even if you do not actively register at Facebook yourself, your friends might
give them your identity and social group by allowing Facebook to harvest their
e-mail accounts.

~~~
olalonde
Don't make friends who will do this. Don't give your real name to friends.
Don't get out of your house. etc.

I'm taking this to the extreme simply to illustrate that anything you do
publicly has a privacy trade off. Why single out Facebook?

~~~
darksaga
You don't have to go these lengths. I use quite a bit of social media and none
of the sites I use, has my correct personal information. All my ID's are all
made-up personas and connected to junk email accounts. It would take a lot to
get to my real identity. It's not hard to do, and it keeps me plenty safe.

~~~
olalonde
For the record, I wouldn't recommend what I wrote to any sane person. I was
just pushing the privacy rhetoric to the extreme to illustrate that there will
always be a trade off between privacy and social life. People seem to forget
this fundamental principle too often when they talk about the evil social
networks.

Edit: To the people who down voted to disagree, I'd like to ask: Do you think
the world would be a better place without Facebook?

~~~
aik
To answer your question: It may be too early to tell.

And I think we all agree that there has to be a trade off between privacy and
social life (or convenience). We make it every day. However, at some point
trade off has to stop becoming worth it, right? Determining that exact point
is a VERY difficult thing to do -- one that most people never even come close
to fully comprehending.

None of us have seen first-hand what repercussions the trade off can cause
when taken too far.

