Privacy scare about Facebook
Om Malik reports on a Facebook development that worries some privacy advocates.
Access to the profile information of a user of Facebook, a hyper-popular social network, has traditionally been limited to other Facebook members, and then restricted further by a fairly comprehensive set of privacy controls. Soon, however, Facebook will permit anyone to search its database and find people by name. The information provided will be limited, and users can opt out on their privacy settings page. However, once found, a searcher can send messages or “poke” someone, which, if the recipient responds, could reveal much or all of their profile.
South African membership in Facebook has tripled in three months, and now stands around the quarter of a million mark. Worldwide, the social networking site has met with runaway popularity. An early conspiracy theory had it that Facebook was secretly a project of the US government, which wanted to discover as much as it could about the online activities and connections of college kids, in its search for terror suspects. Paranoia runs deep.
For my part, I think the new privacy concerns are overblown. As much as I’d hate receiving spam via Facebook messages, this isn’t impossible today. As for private information, it is already possible, via corporate websites, whois domain registration databases, mailing list archives and personal blogs, to discover a very substantial amount of information about individuals online.
As an example, I’ll take the liberty of introducing you to Christopher Mills, the apparent cybersquatter who owns facebook.co.za. The site was first used as a scam to collect pay-per-click advertising revenue. When it was outed by Matt Buckland, it was quickly turned into a Facebook “fan site”, and now appears to be used to harvest e-mail addresses. Mills is a 25-year-old Computer Science student at the Cape Peninsula University of Technology, and lives in Newlands in Cape Town. The site claims to act as a proxy for people whose access to the real Facebook is blocked. His exact address, home telephone and mobile number are available too, as is his employment history and CV. He runs a website about making money online. He charges a pretty hefty amount for web design: R3 500 for the cheapest package, consisting of a five-page site (I didn’t realise they still came that way), a domain name (which costs R50 a year) and six month’s free hosting, which a current or former employer of his, Pescii Computer Solutions, sells from R50 a month up.
Sites such as UpScoop aren’t exactly secretive about their ability to gather personal data from multiple online networks, and other services likewise exploit this type of information for marketing purposes, as Stephanie Olsen explains in an article on ZDNet. I really doubt Facebook’s move will make that much difference.
If a picture paints a thousand words, you may want to play around with a visualisation tool, Paterva Evolution, designed by Roelof Temmingh, a South African well known on the security scene. It runs as either a web application or a more powerful standalone tool, and creates visual links between people, social networks, companies, web sites, domain names, IP addresses, documents, and more. All of this information is publicly available, but even so, the tool is pitched at forensic, law enforcement and intelligence applications.
The object lesson? If you care about privacy, consider anything you put online as compromised. If you don’t want that, don’t put it online. At all. Not your telephone number, e-mail or home address. And if you want communication to be secure, use encryption and digital signatures. I know the American police think you’re a terrorist if you encrypt your e-mail. I know South African cops assume you’re a paedophile if you encrypt your hard drive. But someone has to take that little violation of civil liberties to court, and it might as well be you.
The cards are on the table. The rabbit is out of the hat. Facebook deals from the bottom of the deck, and I’ll bet Google has an ace up its sleeve. Still, you can’t put the genie back in the bottle.
“He charges a pretty hefty amount for web design.”
You really think that’s expensive? Best you do some research - I was quoted R8000 and up for the website I wanted. Christopher sorted out my website for half the price, and I have told everybody I know how happy I am working with him.
Proud supporter of Christopher Mills.
I do, actually. Not because the rate isn’t market-related — I know people who charge a lot more — but because what is being offered appears to me very limited. I didn’t think web designers still built websites with a discrete and limited number of pages, for example. The “per page” model is so nineties. Using modern software, it is trivial to set up something far more sophisticated in minimal time.
But that’s pretty much beside the point. If he can charge what he does, and clients are happy, good on him. The point is the surprising amount of personal information that a trivial amount of online searching revealed about the owner of facebook.co.za.
To be frank, with hindsight I shouldn’t even have mentioned his commercial rates: they are supposed to be publicly available.
I guess it’s all about publicity, and I would say that he’s structured things very intelligently.
What is that saying? Oh yes, “Jealousy makes you nasty”.
Sure. Successful scams are usually fairly intelligent. And you’re right. I’ve always wanted to be a web design star, but the MCSEs were sold out.
“MCSEs were sold out” - You that slow with getting into IT?