Your infrequent reminder, Facebook is evil

They figured out how do you tweak people’s vanities and their passions and their susceptibilities and their desires in order to keep them on the site.

Source: The Central Question Behind Facebook: ‘What Does Mark Zuckerberg Believe In?’ : NPR

If you have not heard it, the above NPR Fresh Air interview by Dave Davies with Evan Osnos, a New Yorker Staff writer is well worth the listen.

Since that interview, we’ve had two more announcements of significance from Facebook.

October 11th, the evil empire announced that they’d disabled some 66 accounts or what Facebook described as:

dozens of accounts and profiles belonging to Russian database provider SocialDataHub

SocialDataHub provides analytical services to the Russian government. Facebook said SocialDataHub were “scraping” peoples information. Who knows how much information, how they used it, or who they sold it too. Facebook don’t. It looks live another 50-million accounts at least. [Check here if your account was compromised.]

The October 8th, Facebook announced their “Portal”, basically a tablet and web cam that allows you to make video calls to other Portal-users, and follows you around the room. Facebook of course says Privacy is

‘Very, Very, Very Important’

But let’s be honest, are you really willing to stay on facebook? Who in their right mind would allow facebook to live video them and not screw up the privacy, and even if they don’t, they’ll be analysing the Sh*t out of everything in every frame to identify things to sell to advertisers about you.

Can facebook do this securely and respecting your privacy? You bet your life not.

#DELETEFACEBOOK Start doing it now. #DELETFACEBOOK, and the women you will wow. (With apologies to Cole Porter).

https://www.facebook.com/help/delete_account

My other facebook posts.

Delete your Google+ profile

Google+ is what happens when you try to take on an incumbent, don’t communicate your vision, and then leave the rotting carcass to fester and be eaten by the maggots. In this case the maggots were a

security vulnerability that exposed the private data of up to 500,000 users

It turns out Google knew about the vulnerability back in March 2018, but decided not to disclose it as, as far they know, it hadn’t been exploited. If your data was upto date and complete, there was enough there to perform a rudimentary phishing attack.

In my case, my phone number, location and a number of other items were out of date, so I didn’t wait to find out what Google were going to do, I just went ahead and deleted my Google+ account. Google has also announced they will kill Google+ although it’s not clear completely what will be removed.

In the post Google+ world, it’s been clear for a while that Google is moving much of the community and information sourcing features into Google Maps.

Here is a link if you want to go ahead and delete your Google+ profile instead of waiting for Google to clean up the mess.

Source: Delete your Google+ profile – Google+ Help

Why You Shouldn’t Use Facebook to Log In to Other Sites – The New York Times

This is a good explanation of why it is way past time to stop using your Facebook ID to login to other sites. Personally while I still occasionally wish I could login to facebook to check on relatives, otherwise I don’t miss it at all.

No matter what facebook do, there will continue to be security and privacy breaches like this. Facebook wanted to become “the web” and along with that aspiration, they also became a focal point for all the hackers, scammers, and those wishing to game the system.

#deletefacebook

 

Source: Why You Shouldn’t Use Facebook to Log In to Other Sites – The New York Times

The Data Linkedin has

While I’m at it, I thought I’d take a look at what data linkedin.com has on me. It’s likely to be much less, since I rarely use the service and it’s been getting less and less as their emails with anything useful, plus new contacts, connect requests etc. always take me to the Google Play app store to install the linkedin app. That’s not happening, and I mostly just delete the emails and make a mental note to login via the website.

If you are interested in your linkedin data, you can get it via the linkedin.com Settings and then Privacy page. Here.

The email that arrived with a link said:

Here’s just the first part of the information we have archived for you, including things like connections, contacts, messages, and profile information.

It seems that will likely be the more interesting part of their archive. The first .zip file seems to mostly include only static data, most of which I’ve provided.

Interestingly, I joined linkedin on April 11th, 2006. I learned that from the registration .csv.

At least in the .zip file I got it had the following structure.

The media files were very limited, just two image files, and a PDF of a presentation that I posted directly to linkedin. This clearly isn’t all my data from linkedin, since it did not contain and links, articles, or images I’ve posted. It didn’t for example even include my profile and profile background pictures.

The spreadsheets were no more than comma seperated variables, but seemed fairly accurate. There is no clue how they came about these, I can only assume from businesses I “liked” etc. Here is the entire contents of the “Causes you care about” .csv

Civil Rights and Social Action
Economic Empowerment
Environment
Human Rights
Politics
Science and Technology

Which seems about right. What I’m sure most people will be interested in are the contacts that linkedin has a mix of my personal contacts, and linkedin connections. For each “connection” it has firstname, surname, physical address, email address,current employment/employer, position, a date and time field(?) and finally a web address.

The physical address doesn’t seem to have come from my contacts, which I’m pretty sure I’ve not given linkedin access to via the app or a website link/upload. The majority of physical addresses are blank, even for people I have work/home addresses in my contacts.

So I think this is pretty much

Move on, nothing to see here!

When the 2nd .zip file arrives, I’ll add another post.

Facebook has a lot of questions to answer

I teetered on the brink of deleting my facebook account last year. I removed the main app from my phone and a Windows tablet, and have never installed messenger. When it came down to it I balked at the final step. I did ulike pretty much all businesses and pages, as well as unfriended anyone not a real contact/friend etc.

The utility of facebook is still too great to remove myself completely. Although frankly I’ve had better results contacting businesses through Twitter and getting things done. Given it’s reach, facebook still remains useful. Delete the apps Facebook, Facebook Messenger, Instagram and Whatsapp.

If you want to delete your facebook account, it’s still relatively simple and you have 14-days to recover it, if you decide it was a mistake. Use this URL.

The Guardian published this over the weekend. It’s a long and important read that contains all the context and background detail into how Facebook was used to target people with advertising and social  profiling of potentailly millions of people to bias or persuade them to take a particular perspective.

Much of this data came through those terrible apps which ask you to confirm access to your facebook profile, and your friends profile. Even though you may have never used one of these apps, if your friends did, they likely gave away your data.

The New York Times is today reporting that Facebooks Chief Information Security officer is leaving the company. So this is obviously a big deal. Alex himself denies that, although with the share price drop already seen today, who knows the truth, the data misappropriation is still a big deal.

Charles Arthur has a daily email which goes out under the guise of The Overspill from his blog of the same name. It’s well worth the subscription. Todays included a link to Justin Hendrix blog for justsecurity.org on the Facebook data use, in it Justin poses seven key questions:

1. Why did Facebook take more than two years to inform the public of this massive breach?

2. Did the Trump campaign or Cambridge Analytica violate campaign finance laws?

3. Did Trump campaign or Cambridge Analytica employees lie to Congress, or to the British Parliament?

4. Did Facebook’s failure to disclose this breach to the public and notify its directly affected consumers break any laws?

5. Did any of the Facebook embeds in the Trump campaign know that stolen data was being used for targeting?

6. Did Facebook have evidence its own employees mishandled this situation? Was any disciplinary action taken?

7. Did other organizations or individuals exploit these apparent weaknesses, and are there other breaches we do not know about?

Irrespective of what you think about how the data was used, and the outcome, these questions need to be answered.

Someone knocking at the door

We had a spirited discussion over coffee today about the whole NSA data collection fuss  and sparked by the continuing refusal of the UK Government to accept there is a case to be concerned,  even if you have “nothing to hide”.

Think of it this way.  You are sat at home,  there is a knock at the door.  You answer  it’s that nice man from the NSA,  he says “excuse me,  we’d like a few minutes of your time,  can you just write down every phone call you’ve made in the last 3-months, what time of day you made the call,  what number you called,  how long the call lasted.”. –  you say why,  they say,  dunno,  may make some sense in the future.

Going to give it to them?  Going to call a lawyer?  Done anything wrong?  –  well good news,  you don’t need to,  they won’t come knocking,  they’ve got all the data anyway.

Then,  remember that phone call you had?  You know,  the crazy guy that your cousin thought would be a an interesting match up,  he called you? No?  Well never mind,  the NSA does. 

He called you from his Walmart cellphone,  me they want to  know what you discussed.  At the time when he ranted on about the PM of Saudi Arabia you never gave it a 2nd thought,  turns out a couple of years later the PM was assassinated by some nut job who had that phone on him…  You remember what you said?

Dam right the NSA shouldn’t have any of your digital data unless they get permission from you,  before collecting it.

Still confused?