Hacker News new | past | comments | ask | show | jobs | submit login
A Facebook Bug Exposed Anonymous Admins of Pages (wired.com)
50 points by pferde 9 days ago | hide | past | web | favorite | 14 comments

This is why Facebook's policy against multiple accounts is bad. People need separate (and possibly pseudonymous) accounts for their professional, personal, and unattributed work.

You can have them untill someone reports them. As long as you keep them private to only manage pages or groups it should be fine.

>posted for 4chan


> pseudonymous artist Banksy, Russian president Vladimir Putin, former US secretary of state Hillary Clinton, Canadian prime minister Justin Trudeau, the hacking collective Anonymous, climate activist Greta Thunberg, and rapper Snoop Dogg, among others

I want to see who posted to these besides the person that said they were.

In some cases it makes sense, I don’t expect Putin to make his own posts, we already know Clinton does not, but Greta Thunberg? Isn’t the denier campaign against her that she’s part of a PR initiative and not just a 16yo that made it to the world stage on her honest activism?

I’d like to see for myself who and how many people were posting on these people’s behalf - but I don’t want to go 4chan or support doxxing.

Wait... is this actually doxxing? It’s the name of an account that made a post on a public aite, doesn’t seem like the same as someone’s home address.

> want to see who posted to these

Obvious stuff, Greta is a sock puppet for Svante Thunberg, her father. Rich people and politicians use PR agencies. Some Polish troll farms turned out to be run by state-owned broadcaster TV employee in charge of official news portal, the usual.

it sort of is doxxing because these are private people running very public accounts with their own facebook accounts. This could easily lead to the exposing of someone's home address

But where does the second x come from?


Doxing or doxxing (from dox, abbreviation of documents)


"It's not something most people would have encountered on their own, since it took navigating to a Page, viewing an edit history, and realizing that there shouldn't be a name and profile picture assigned to edits to exploit it."

All someone had to do was click "Edit history" when viewing a post. As if no one ever does that. The Edit history link is included on even on their most basic mobile interfaces. Am I reading this wrong. This sounds like backpeddling.

Since it is easy to edit a page's html with developer tools, screenshots of web pages prove nothing and are pointless.

In Poland some politicians admitted that the leaks were true.

Not a day seems to go by without major fuckups by Facebook.

Definitely the type of thing a unit test is supposed to catch when you have a project as large, well-funded, and important as Facebook. Still, bugs of this type have been exceedingly rare, so I suppose one is bound to happen eventually.

All bugs are shallow with a billion users. The infrequency of this kind of bugs, as you say, is a testament to hard work on Facebook’s side.

I suspect it's more of an issue of code review. Hypothetically both fields are in the same object and the coder used the wrong field. A unit test could totally be in place doing it's job but you just have bad business logic, that no one caught.... who knows though :)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact