That happened in WWII too. When Soviet Russia entered Poland, the first thing they did was to investigate the links of relationships of the Polish resistance. They kill every single of them so nobody opposed the Soviets(if they opposed German domination they would oppose Soviet too).
That was not far ago. Today a single American company could store all your public information, and your messages(audio transcribing is starting to work) because you give them.
Facebook is great as a concept, but It would be a better idea using private implementations with your own servers not depending on a commercial company. Something simple to use with open communications...
Half a century ago you coud make a precision strike and kill half a dozen people to cripple somebody's life. Today you could start clipping off someone's 500+ Facebook friends or Twitter followers, but it gets really impractical really fast and the impact wouldn't be as strong.
Back in the day, you'd find a stash of letters and find your targets. Today Google, Facebook, and Twitter have hundreds of thousands of messages between me and thousands of other people. Where do you start? Especially if you're looking for something very specific like signs of strong relationships, your thesis on this could very well be its own startup or sociology study.
Having more data than you can swallow is cool and all, but pulling something valuable out of it is its own non-trivial task. Throwing raw computing power at it doesn't fix it either.
(Side note: I'm all for private/secure/distributed/federated implementations of... everything.)
Also it varies drastically year to year. I'm betting this wasn't the case 60 years ago.
Maybe I'm a special case.
Edit:  I mean that the social graphs vary drastically between social networks. In fact there's almost no overlap with people I talk to on each network. Kill them all?
I guess Stalin believed in "In doubt kill em all". Weak social links won't save you when there's a psychopath on the throne.
This is the best answer I've seen.
It's our responsibility as citizens to keep the gov't in line, though somehow we have been convinced that it is strictly the opposite. The more we share about our lives, the easier it is for various organizations to silence what they don't like.
At least most of us are taking for granted that bit of knowledge, as to actually have this conversation about card counting. Thanks for clearing it up for us.
Furthermore, its position in this thread makes it an entirely offtopic reply to a legitimate question.
Please downvote. Greying out my response will get many more people to read it.
It's also amusing in its own way to watch my comments get voted down.
I have, undoubtedly played more +EV games versus a casino than anyone on this site. (And, yes, I will bet on that, too!) But some sort of egalitarian sense of correctness has driven the "value" of my comments below yours.
I cared enough to make a 2nd (and now third) comment about it, but really, I don't care. So that kinda sucks.
I downvoted dtby's comment because the reasonable way to deal with worthless comments is to downvote them, not post a followup saying "This comment is completely unhelpful."
In the absence of security countermeasures on the casino end, counting cards is not very difficult. You need to be able to do some mental arithmetic in a distraction-filled environment, and you need the self-discipline to follow the technique even when your guts are telling you otherwise, but lots of people have those character traits.
So if a casino does not take active measures to distinguish the blackjack players who are counting cards (who need to be kicked out) from the blackjack players who are just lucky (who need to be courted until their luck runs out), then lots of people, not just the generic “you”, will show up and gradually bleed the house dry.
In case anyone happens to continue to be confused: see, also: No true Scotsman.
You don't only get downvoted for being incorrect.
If it seemed like I care about getting down voted, I assure that's only ancillary.
I had no idea that was the point you were trying to make. But I still don't know the reasoning behind your claim - to me, it makes sense for casinos to spend money looking for and kicking out card counters.
Any idea how they go from your photo to your facebook profile?
Presumably they'd need to scrape facebook for all profile photos and names, which isn't that easy? (I could be wrong here, I'm sure some company would sell you that data) Alternatively they'd need to link your picture to a name, which they could do with a loyalty card, but I don't think that's very likely for cheaters (why would they have a way for the casino to easily track them?)
It's all kind of frightening, actually.
The hard part there is securing it. But, with an underlying framework (like http://gnunet.org) that handles anonymized, F2F, and encrypted network topology you can build a "distributed facebook" that can share photos - events - stories - timelines - videos - &c... The cool part about software like that is the individual user is in 100% control (if it's open-source) of their data and what is done with it (want to share that sexy-time video with just your gf?).
GNUnet is a viable solution at this point because the project is building an open-source framework that handles the really hard features of a distributed, secure, and anonymous F2F (or P2P if you want, but that's less securable) stack on-top of the network stack. With GNUnet, all you need is to build the "features" on-top of it - the other cool thing about it too is that it would be a desktop application (not through the browser).
There are other issues to overcome with such an implementation, but, in short that is how you would do Facebook the "alternative" way. It's how Diaspora is "trying" to do it (without much success because the underlying network topology and security is a very difficult problem).
This system is interesting, but maybe an alternative solution would be needed? Frenzy is the kind of idea I'm thinking about... It has flows, but it seems much more doable - builds on another network, but could possibly be platform agnostic (what about a Frenzy working on Ubuntu cloud or even directly on AWS?). Something with few features, but exciting like Twitter.
Maybe I am wrong... It seems to me that the biggest problem here isn't to have a minimalist app running, but rather getting the critical mass joining. Feel free to comment :)
This whole story to me seems like "chainsaws the most appalling mutilation machine ever created", whilst that might be true [I doubt it] they're just a tool and one is at liberty to choose to use the tool how one wishes (within the confines of its locus of potential operations obviously).
Does naivety of users make a tool bad?
With facebook they could know about you EVEN when you are not into facefook.
You know , they make people tag their photos with the names on it, with face detection. So the tree letter agencies (NSA..) have registering of events they previously did not have access to: Your friends weeding photos tells them you were there. They do not have to ask anymore. They know everything about anyone with redundancy(multiple people making photos). You are your friends spy.
Once you tag your photos you do their work, instead of having to analyze 5 million pixels x 4 bytes = 20MBytes of data per photo, you reduce it to a 20Bytes name they can plot on a link graph with 1 million more with minimum effort.
Can you tag photos of people who are not members of Facebook?
Also, all of everyone's information is now available from a single broker. With law-enforcement API's that (I'm assuming) FB provides, it's possible to track thousands of people in real-time for months without leaving the room or investing in lots of equipment. So it's not just that surveillance is "easier" but that it's now accessible to lots of people who couldn't do it before.
Centralization and acceptability of personal information being public are the two main problems.
If they have implemented a way of looking up or monitoring things by themselves (and they obviously have and need to) and just give that information when the government comes knocking.. that's less bad.
This should not be surprising either, considering laws such as the USA Patriot Act and the long history of illegal wiretapping and illegal surveillance in general conducted by American intelligence agencies, with impunity.
Any skepticism about Facebook's availability to the NSA and CIA is, frankly, completely naive and ignores history among other things.
Do you mind showing some examples of these signs?
I'm not particularly skeptical, but it's the first I've heard of automated interfaces like these.
And the rest of the article lists all kinds of other examples that exist worldwide.
Consider the warrantless wiretapping program that went on for 5+ years. We know that tools for court ordered intercepts were in place through CALEA and others. We also know that the telcos were told and accepted that FISA warrants were not needed for this monitoring. Similarly, we know that facebook obviously has tools in place for responding to warrants, and that it is probably true that facebook can legally reveal much/all of your account if they want to without a warrant. Facebook is quite likely to view building a friendly relationship with the IC to be beneficial.
Another way to think about it: Intelligence agencies strongly discourage the use of social networking applications both by their own employees and other federal agents.
I find it completely credible that any number of friendly and hostile intelligence agencies and security services have widespread access to facebook data and other social networking sites through a variety of means. It's unlikely to be as ham handed as the https://dni.facebook.com/ you might imagine, but it's most assuredly there. It's simply too attractive to not be.
Facebook doesn't yet require security clearance for employment.
If law enforcement have their own backdoor, that seems to suggest less judicial oversight. I personally trust Schneier to depict the state of affairs accurately, probably using public and non-public information.
Welcome to citations in the Google age. I remembered the original story but never saw his followup. I wish he had amended the first blog post.
Have you ever used a web framework like Django? Imagine its admin interface except with way more data.
Everyone puts all your information into a corporate-owned box, to be aggregated and analyzed by powerful players.
Hell, you can even "finger" others by tagging them on photos.
Information Awareness Office
I am pretty sure something similar to this exists now. The new threat to america are not from soverign nation states, but from non state actors. Solving the data fragmentation problem by combining sources of personal information about behavior and life will make it easier for the gov to stop attacks or catch a person. Combining sources like your facebook, financial transactions, credit card bills, websites you visit (by using facebook connect), travel history (past plane tickets that are linked to your credit cards) can all be combined together and a predictive analytical tool can be developed for automated red flag for things that are deemed suspicious.
Facebook can do the same thing but use the information to predict who you are as a consumer, who you influence, how popular you are, etc to deliver targeted ads, etc.
There's most definitely a problem with security in this era, but it's important to note that we're the one's doing it. Honestly, anyone who may expose sensitive information should have Facebook or any other online presence on the top of their list as things NOT to use. When you're being nefarious communication is a bit difficult, eh?
Call me paranoid, but there is absolutely no reason for a social network at all. Social engagement and links, and poking and other shit is not a benefit to me. It's not a benefit to people even though they like to pretend it is.
In return for handing over all that information you have gained a monitored, controlled, censored and limited way of communicating. There is a reason why speech is protected. Why put a secondary layer of control on how you choose to express yourself.
Taking a page out of a way-back-machine, making links between people for complete eradication of opposition during WWII, was key in killing off most of noble and intelligent opposition in Poland.
I believe we are still to see rise of real social network based applications. e.g. something that allows us to estimate trust for a person, given his and your social network.
> I believe that the benefits of a social network such as Facebook
> outweigh the risks.
As such, the dichotomy is not false in practice.
I'm be more impressed/interesting if NSA/CIA director said something similar.
This explains why.
He used to have a blog which can only be found through archive.org.
(Seems like this has been an example around here before! http://news.ycombinator.com/item?id=1520311 )
Also, since they're very wealthy public figures, they really do have to be more careful about their private info vs. the care Joe Schmoe in Hoboken should take.
You know that poorer people have property and troubles of their own that requires personal information staying personal.
Do you see the value of the information for the illegitimate regime to use?
Mapping someones friends by good old detective work is not that difficult. It just takes time. It will also reveal much more than your facebook account will. What is frightening to me is the automation. It simplifies your relations to people and can lead to some unpleasant connections.
People should also be educated about the fact that facebook is not a private forum. Everyone knows not to bitch about their boss too loudly in the cafeteria. But for some reason they are happy to write about it to their wall.
A Facebook profile is better in someways than a thumb print or DNA. Net-citizens can be automatically character profiled.
You also don't need everyone to use the system to grasp a people's mindset.
Nobody HAS to have a Facebook page or partake in social media. If you don't want people tracking you, then don't use it. DUH
I'm taking this to the extreme simply to illustrate that anything you do publicly has a privacy trade off. Why single out Facebook?
Edit: To the people who down voted to disagree, I'd like to ask: Do you think the world would be a better place without Facebook?
And I think we all agree that there has to be a trade off between privacy and social life (or convenience). We make it every day. However, at some point trade off has to stop becoming worth it, right? Determining that exact point is a VERY difficult thing to do -- one that most people never even come close to fully comprehending.
None of us have seen first-hand what repercussions the trade off can cause when taken too far.