Sunday, December 25, 2011
Stalking Privacy on Facebook, One Psycho at a Time
phisby John Fontana
If you were asked who could harvest a trove of personal data from 10 million Facebook users in just three weeks you might guess company CEO Mark Zuckerberg over Jason Zada. You'd be dead wrong.
Who is Zada? He offered something scary at Halloween and nearly 10 million strangers stepped up and provided him access to their personal Facebook information to get it. Unwittingly walking him past their privacy settings and into their policy-protected data vaults. Maybe you were one of them?
Certainly more than 10 million people viewed Zuckerberg's private photos a few weeks ago when a Facebook bug exposed them to the public. But Zuckerberg was hacked, Zada's millions were socially engineered, accomplices in their own fleecing.
What sophisticated tool did he use? Facebook Apps.
Zada was the creator of TakeThisLollipop.com, a viral Facebook app that collected your Facebook pictures and profile information and put it in the middle of a psycho stalker video.
It was hailed as brilliantly scary. The video ends with the psycho getting out of his truck at a house. Your photo taped to his dashboard. Zada said it was a message about privacy.
"If you look at the video, the scariest part is that your information is in the video. The piece is scary because a person is violating your privacy, not because it's bloody or there's anything jumping out," he told AdAgeDigital.
Actually the scariest part is that your information is in the hands of the Facebook application developer - in this case Zada, who it turns out is benign. His intent was to entertain and his app clearly stated it was not saving your information. But what's to stop a real life psycho from doing the same thing and saving the data? Nothing really.
Facebook has a set of usage policies for its Facebook Platform, which is what developers use to create apps. Among other requirements, the policies dictate application owners must delete all user data if they stop using the platform or Facebook shuts down their app. And policy says app developers must 'delete all data you receive from us concerning a user if the user asks you to do so.'
If developers are running a business, policy means something. If you're running a scam, policy talk is cheap.
How can a real-life psycho (or scammer, phisher) get your 'protected' data? Ironically, exactly the same way Zada did.
Set-up an app that lets users grant you access to their data, show them a video or offer a game, collect their information, stalk in real life.
In Zada's video you see the psycho is looking at a map to your house. Where do you think that information came from?
What Zada proved is that the Facebook stalker scenario is real-life. The potential psychos you block via privacy settings know your back door is unlocked. A scam would likely run the same as TakeThisLollipop. It sprung up on the Internet, went viral and disappeared in 20 days.
Could it have been sleuth hackers, the Russian mafia, the cliché computer hermit in his parent's basement?
It's an email phishing scam mimicked on the social web. It relies on user habit and social engineering - surfing, prurient interest, etc.
Do users know (or care) Facebook apps by-pass privacy settings? One developer I spoke to said after he wrote his first Facebook app he revoked access to every Facebook application he had signed on to. He was dumbstruck by the amount and depth of user information his app made available to him. When he tested it against his own Facebook account, no matter how tightly he screwed down his privacy settings, the app still had access to just about everything it requested.
TakeThisLollipop.com proves that a fool and his password (and data) are soon parted. Facebook is a ripe audience; unwittingly picked apart.
original article found here
Labels:
application,
Facebook,
personal data,
phishing,
privacy,
psycho,
stalking,
zada
Subscribe to:
Post Comments (Atom)
Popular Posts
-
more reasons to NEVER EVER do ONLINE DATING! or HOOK UP WITH ANYONE ONLINE! by Lou Sessinger A homeless man who used a phony investment sche...
-
Cyberpaths come from all walks of life. Seemingly the most inocuous and upstanding persons have secret lives where they feel powerful &...
-
Has your favorite dating site gotten complaints? are they a RIP OFF? Click any of the links below and find out!! ADULT SITES #1 ADULT SITES ...
-
Warning sounded over 'flirting robots' Those entering online dating forums risk having more than their hearts stolen. A program that...
-
By Declan Harvey The government's top legal adviser has issued a new warning over abusive tweets and Facebook posts. Attorney General Do...
-
This summary is not available. Please click here to view the post.
-
We are publishing these; recieved from Stone's victims - as examples to our many readers of what these harassers will do and continue to...
-
By James Titcomb A jilted boyfriend was jailed today for taking revenge on his ex-lover - by putting their home-made sex videos onto the int...
-
Think you know who your real online friends are? You could be just a few hops away from a cybercriminal in today's social networks By Ke...
-
Written by the Fighter Team (originally published December 02, 2005) Here's the question - is it LEGAL to expose a cheater or abuser onl...
Blog Archive
-
▼
2011
(355)
-
▼
December
(31)
- The Pick-Up Artist
- When It's Someone You Trust...
- Study Shows Over 30% of Internet Dating Site Users...
- The Online Disinhibition Effect
- Romance Scammers Pose as U.S. Military to Entrap W...
- Website Ordered to Close Because of Harassment
- Stalking Privacy on Facebook, One Psycho at a Time
- Anonymous Anger Rampant on Internet
- 10 CLUES OF AN ONLINE AFFAIR
- Being 'Anonymous' Online Changes People's Behavior
- Twitter Stalking is Protected Free Speech
- Suing Google Doesn't Always Work
- Complete Privacy Does NOT Exist
- Online Dating is Eroding Humanity
- Vulnerable & Scammed - Man Commits Suicide
- Police Dispatcher Charged After Harassing Online
- DETECTING LIES
- The Psychopath Next Door
- Do They Fit the Checklist on Predators?
- THE INFIDELITY INDUSTRY
- ONLINE DATING ATTRACTS MARRIED FOLKS
- Turning to the Net for Revenge
- CYBER CHEATING - A growing cause for Divorce
- Online Dating? Never Again
- How Cheaters Use the Internet to Seek New Romance
- Amanda Craig Tells Her Horrifying Story of Being C...
- DO THEY EVER ADMIT THEY LIED OR TWISTED THE FACTS?
- THE AFTERMATH: PTSD
- Pornography & the Cyberpath
- Net Ensnares Cheaters in Tangled Web
- Over 200,000 in Britain Duped by Online Dating Scams
-
▼
December
(31)
0 comments:
Post a Comment