If you've kept your old emails around (woohoo gmail!), one thing you can do is go back and look for the notification email you got for a particular post that you suspect was a message. There's a date search widget that makes this easier. I suspect you'll find it was a wall post.
Another thing to note (for those that follow our technology), is that the backends for these two systems are entirely different. The messages backend is hbase-backed, designed for real-time communication more than history. The timeline backend is MySQL / C++ backed. Migrating data from hbase to MySQL would have to take months of effort.
I know that even though there was no bug here, this can be an alarming experience to see old posts surfaced like this. We're working on ways to make this interaction clearer so people aren't so surprised in the future. That said, please rest assured that your inbox is not on your timeline.
You ought to be doing more than that, actually. Having been an early user of Facebook, I can assure you that people viewed wall-to-wall and other types of posts differently from how they view wall posts now. No one expected their data to be exposed this way, so for practical purposes, this is tantamount to a bug or data breach from the user perspective.
Disabling this immediately for old posts or allowing users to opt out would be the right thing to do.
Personally, I'm sad that all of my private messages have been so mundane that if they got out, it would be no big deal. I just looked through and I didn't find any meaningful dirt at all. What a shame.
These are all wall to wall posts. You can inspect for yourself using a Facebook Developer account.
Rollover the timestamp grab the POSTID.
Throw it in the Graph API Explorer https://developers.facebook.com/tools/explorer with /PROFILEID_POSTID or curl http://graph.facebook.com/PROFILEID_POSTID.
The evidence speaks for itself, it shows up as a Status object.
You can push more with even browsing your conversation via
I don't think that private messages can transform into wall posts with such ease. This would have to be intentional, it's not a simple click of a switch that can do something like some are thinking that is occurring.
Even a screenshot of a wall post, and another screenshot of the same message (in the messages folder) would be a start, but this is all just conjecture.
Is it really so hard to imagine that somebody, somewhere fudged a query and accidentally ran [pseudo-SQL] "UPDATE posts SET type='status' WHERE type='private-message' AND date = 'x' TO 'y'"?
I'll admit, it's a bit of a stretch; but the fact that these show up as wall posts is not necessarily an indication that there is no bug.
The bug may very well be that data has been manipulated to look like wall posts.
Unless Facebook discloses that these posts were flagged as "status updates" _in an archived version of their dataset_ (specifically an archive before the issue first manifested), this information means practically nothing. We could gather from the bug itself that these were flagged as wall posts in FB's backend.
According to one Facebook employee, private messages are stored on an entirely different system (MYSQL vs HBase). This seems perfectly reasonable, and precludes the possibility of a bad SQL query leaking private messages. http://news.ycombinator.com/item?id=4567009
Screenshot of old Facebook: http://news.ycombinator.com/item?id=4566962
Yes, it is hard to imagine, since they run on entirely different backends, one being mysql, one being hbase. See: http://news.ycombinator.org/item?id=4567009
A post on someone's wall had a link to 'Wall-to-wall' or 'Write on wall', in place of what we have today, the commenting system.
- Wall posts didn’t have comments in those days (nor did they have a “like” button. Can you believe it?) Conversations were all about the “wall-to-wall”.
- Chat didn’t exist, and messaging was used much less frequently. So wall posts were used for things that would be private messages now.
- Most importantly, our attitude to public wall posts was very different.
It’s the last point that’s most important. It’s hard to remember, but the current massive controversies around social media privacy were barely on the radar a few years ago. The subsequent change in attitudes is partly due to Facebook making their platform more “open”, and partially due to raising concerns amongst users.
For example, you didn’t have to worry about your posts being read by the general public – that wasn’t even an option back in 2008. You did, of course, have to worry about your mum reading about your drunken misadventures. But even that felt like much less of an issue than it does now. People hadn’t yet learned to self-censor.
The best analogy I can think of: old Facebook was like having some friends around at your own house. Though you probably wouldn’t prance about naked or insult people to their face, you’d feel comfortable dressing down or trading off-colour jokes. New Facebook is more like a social gathering in a public place – still friendly and informal, but you have to be much more careful to present a respectable image and avoid saying anything offensive.
I think Zuck was right when he said that people would adapt to a world with less privacy and more “transparency” – people adapted, and became more polite, bland and inoffensive as a result. “I never would have posted something like that on my wall”, they say, and really mean it.
It is difficult to think of something like this, where private emails are accidentally disclosed publicly en masse, happening with gmail (or any other email service).
Edit: The more I read about this, the more it seems to me that this is what is going on. I think this has interesting implications for the "Privacy is dead" attitude. It suggests to me that, contrary to popular belief in some circles, people are not ok with their diminished privacy.. they just haven't been thinking about it.
That strikes me as a very 'Facebook-eque' attitude towards the privacy of others. I am sure that if he were comfortable posting a screenshot of it, he would have done so without needing prompting.
That's like asking a rape victim to show her bruises publicly or you won't believe it. Pics or it didn't happen applies to lots of stuff but when there are a lot of people with pretty good reputations making the exact same claims then you might want to give them the benefit of the doubt.
Facebook is not above making mistakes and the number of people right here that make these claims is too large to simply be ignored or waved away. Clearly something has changed for some people, now the question is how many people are affected and what can be done about it.
I get the parallel, but still, the rape analogy feels tasteless and out-of-scale. May I suggest "that's like asking someone what their password is to prove that it was stolen"
It was the best I could come up with on the spur of the moment but I should have thought about it a bit longer. The weirdness of the request is what angered me to the point of being careless with words.
With the way sharding works I wouldn't be surprised if the whole thing was real but only affected an extremely small portion of the users, and in such a way that stuff that had been pushed into the mists of time made it back to the present somehow. That alone would qualify as a bug, the fact that facebook would shine the spotlight on old data like this is worrysome all by itself. If the data was private or in some other way hidden from normal view and suddenly given a much more prominent spot without the users being made aware of that ahead of time then that would be much more serious still.
For sure it seems that something changed.
The whole point of showing it next to a screenshot of the email or the message in the private inbox is to confirm that it is PRIVATE regardless of the actual content. There might be somebody out there who has an unusual interest in other people's private messages, but I think the vast majority of people are looking for something a bit more real than "this happened to me."
You're asking me to believe what other people say without any proof. I stopped doing that when I lost my religion.
Facebook pushes code every day. As does Google and Amazon. These are orgs with thousands of people. Not every engineer pushes code every day.
i'm deleting every facebook message as a result of this, which isn't easy as it has to be done one by one.
i am in the US, but my UK friends are the ones who alerted me to it, as it was happening to them as well.
Is the quickest option a manual delete? She is freaking out.
Edit: I have set her privacy as strict as I can for now, but having pressed her on the topic, it isn't entirely certain that these messages were ever private.
My comment to her was that even if they were always on your wall, you (in hindsight) don't think they should have been. Don't let Facebook convince you that you are wrong to have thought differently. Facebook's model doesn't work like the arrow of time, memories and conversations don't fade out naturally and disappear, they just stay there permanently. And today, your present self wonders what you were thinking that made you post that. When you add that to the fact that your social graph on Facebook was different 5 years ago than it is today, it makes sense that you naturally think certain things should have been private.
In other words, you weren't fit in 2006 to know what in 2012 you would regret having posted and you aren't fit in 2012 to know what you are going to regret in 2018.
If you really are freaking out about stuff that your past self thought should be known to the world, then do your future self a favor and stop putting your life on Facebook.
If they decide to make public every thing you've ever written in rolling 10 year intervals there is nothing you can do to stop them.
The public has no idea how much can go wrong giving one entity essentially a copy of their entire private lives.
Do not trust your memory. Do not trust your assumptions. Just because this is plausible and everyone is claiming to be affected by it is not proof that it is in any way true. Check your notifications and find real evidence.
No one in here has even claimed to have confirmed this with email, let alone posted any evidence.
Given the update on the Tech Crunch article, and the fact this is regarding wall posts from three years ago (which people probably don't have the best recollection of) my two cents is for those that believe that this is affecting them to temporarily deactivate their FB account, and the rest of us wait until we see some follow up blog/news posts with hard evidence before we start yelling that the sky is falling.
My friends are ASSURING me that these are private messages. But every media outlet is now running the story that this is not true. And I have seen no evidence. So what do I believe?
Trusting FB? I hope you are joking. You are the product being sold & FB will maximize the value of that at any cost.
Its all one big scam: They provide endless privacy controls over what your friends can see, but discreetly forget to provide controls over what they can sell to advertisers.
1. Take the site down and prevent any further leaks. But accept the absolutely massive flak that would come from that.
2. Continue to let the leaking happen and try to hotfix the bug. Be accused of failing to get a handle on it, but perhaps get away with it if fixed in the next 20 minutes.
I'd bet that it's been like this for ages and only just been noticed. That will make fixing it a bit harder I should think - not simply a rollback to the previous push.
It's probably not private messages - but it is messages that people think should be private TODAY. But it doesn't really matter - it's perception that matters here. And also I guess this is an illustration of how people's attitudes to FB have changed over time.
"I would NEVER have shared this publicly." they say. But either they did, and now don't trust FB in the way they used to. Or they didn't and there's a bug. Neither are good for FB's brand.
There is no good way to answer "how do we correct a story that was completely wrong," but this seems to be a decent enough way to do it.
That makes me wonder if there is some malicious self-interest behind this. Here's the formula:
ubiquitous yet misunderstood personal technology + sensationalist media + power of suggestion + deliberate astroturfing campaign = sudden and immense drop in stock price.
Not that I actually think this is the case, but it wouldn't be outside the realm of the possible.
I am done with Facebook now. Bye.
In principal, though, this bug shakes me to the core. Had it chosen to sample posts from 2010+ rather than 2008-2009; hell, I could easily be out of a job, or be dealing with some very upset family members.
This is unacceptable; it violates any shred of trust I had left in Facebook as a platform.
I'm done, too.
"TechCrunch has investigated more, and we have found no evidence that the allegedly exposed posts were actually private messages. Their email receipts show they were in fact wall posts, and the posts do not appear in users’ Facebook Messages inbox.
Facebook also says in no uncertain terms that there is absolutely no privacy bug. What people are seeing are old Wall postings, not private messages. A spokesperson tells TechCrunch:
“Every report we’ve seen, we’ve gone back and checked. We haven’t seen one report that’s been confirmed [of a private message being exposed]. A lot of the confusion is because before 2009 there were no likes and no comments on wall posts. People went back and forth with wall posts instead of having a conversation [in the comments of single wall post.]
A small number of users raised concerns after what they mistakenly believed to be private messages appeared on their Timeline. Our engineers investigated these reports and found that the messages were older wall posts that had always been visible on the users’ profile pages. Facebook is satisfied that there has been no breach of user privacy.”"
This is why real reporters actually check into news stories first before publishing. I have yet to find a single shred of evidence anywhere that shows this has been verified and repeated. And I've been looking pretty hard for the last 30 minutes.
You need not look so far, it's right here in this thread. People are confirming some of their private messages set to 'friends' only to be world visible on their timeline.
Sounds pretty clear to me, I figure that the lady knows which conversation were private and which weren't, if only by their content.
Amazing how many people have "confirmed" it but nobody has posted anything verifiable. Just a screenshot of the private message inbox/email + the post on the timeline. Redact as much as you want.
I've gone through the messages on my timeline, and truth be told I don't remember the context of a lot of the messages, so it wouldn't surprise me if people don't remember if something was private.
I don't even like FB, but come on people.
Look through the "private messages" of your friends. The dead giveaway is that a huge number of them are happy birthday posts. People post those on walls.
So much press on this 'bug' but so little proof
To which I reply: I'm sorry, but my personal matters are personal _expressly because_ I've found people to be ignorant, bigoted, biased, or otherwise untrustworthy when it comes to matters of my identity.
The fact that I could lose my job because of my thoughts on cannabis prohibition? Or that I could be disowned because of my political and [lack of] religious tendencies? These things are private not because they're wrong, Mr. Schmidt. They're private because _someone_ thinks they're wrong; and _someone_ is making decisions that could impact _my future_ by judging what's publicly available.
I can no longer trust Facebook to be a secure messaging platform, which is basically all I used it for. I'm going to take charge of my web presence to whatever degree I can. I'm done letting large corporations abuse my data for their own gain, only to have shit like this happen.
Q: People are treating Google like their most trusted friend. Should they be?
A: I think judgement matters… If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place. But if you really need that kind of privacy, the reality is that search engines including Google do retain this information for some time, and it’s important, for example that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities.”
Indeed; it was actually interesting to see how different Facebook was back then. So much more intimately public in terms of messaging and back/forth.
Does anyone actually have real evidence? Maybe a screenshot of a message that CLEARLY is private and in no circumstance would they have forgot posting it on a wall THREE YEARS ago?
If they were originally wall posts, your "threads" of conversation would be comments, not individual posts on each other's walls.
This system gave conversations a different feel, and is now causing people to confuse them with private messages.
Edit: see http://news.ycombinator.com/item?id=4566956
Well, FB had kind of jumped the shark. I guess they wanted to leave no room for doubt about it.
It seems pretty clear at this point that there's no evidence that private messages were made public- other than hearsay.
Even if it's just people's perception, it actually matters a lot. Facebook need user to trust them on privacy issues, that's their core.
Now I don't even know if it's new as I never check my FB Timeline (which SUCKS btw) ...
I just heard on the radio that the French government is monitoring the issue. Yes, that's what the country needs !?
What is kinda hilarious is that even on 2007 people were confusing wall-to-wall messages with private messages !