> How did it get his photos? Well, he has friends who signed up with Facebook. View scans its user’s Facebook friends for other students, and creates fake View profiles
I thought the Facebook API does not allow pulling the complete friends list anymore. i.e. it excludes those friends that do not already have the corresponding Facebook app installed, precisely to stop this tactic?
> Friend list now only returns friends who also use your app: The list of friends returned via the /me/friends endpoint is now limited to the list of friends that have authorized your app.
Maybe web scraping then? It would not be so hard to make a focused scraper that scrapes the friends of anyone using the app.
Edit: I did a quick test and at looks like I can see the friend list of many users that is not in my immediate network as long as I am logged in to Facebook. It should then be easy to use something like Perls WWW::Mecanize to make a scraper that log inn and scrapes the profiles you want, as long as one do not need so many that Facebook detects and banns you.
No they probably do not have the users Facebook password, but they do not need it for scraping, because they can just use their own use for that.
I have looked around on Facebook and it looks like one can see other users friend list, even if you are not in their immediate network.
Even if Facebook has a limitation, like you can only see the friend list of friends of friends the company behind this app could probably make some fake Facebook users and befriends someone on each university to get an ok coverage.
It depends on the privacy settings. Though the several iterations of privacy scaremongering and Facebook changing defaults resulted in people locking up their accounts like crazy, friend lists seem to still be visible semi-publicly for quite a lot of people. With more news like that, this will probably change too, though.
It's totally a POV issue IMO, that's why I phrased it that way :).
For me, half of the Facebook's utility was the ability to check people out without having to commit to a relation with them first. A publishing platform, a little bit like personal pages of old, but much more streamlined and accessible to the mainstream. But it turned out there's enough bad actors around (stalkers, marketers) that people voted against this, and so Facebook is now a very locked down place. I think most of those fears people have are overblown, but well, that's only my opinion and it seems that most people disagree.
Though those concerns may be real, the privacy issue being discussed is still a trick employed by Facebook. By redirecting people's fear towards the amount of information that the public can see, they were able to keep them from talking about the original issue -- what Facebook tracks, saves, and uses for advertising.
I thought the Facebook API does not allow pulling the complete friends list anymore. i.e. it excludes those friends that do not already have the corresponding Facebook app installed, precisely to stop this tactic?