Archive for Facebook

Facebook Add On TimeHop Has Been Pwned By Hackers…. But They Are Handling The Pwnage Better Than Most

Posted in Commentary with tags , on July 9, 2018 by itnerd

First the bad news. TimeHop has reported it has had a breach affecting its entire user base of 21 million users worldwide. The “security incident” happened on July 4th when they had a “network intrusion”  which was interrupted by internal security teams. Which is good. But clearly it was not interrupted quick enough which is bad.

Here’s the good news. The statement that they put out regarding this is the best one that I’ve seen. They go into a great amount of detail about what happened, what the company is doing about it, and what’s the go forward plan. On top of that, they also even have a glossary to explain terms that users might not be familiar with. I’m very impressed by this and other companies should use this as a template for how to communicate about a “security incident” like this because this is straight from the top shelf.

So, if you’re a user of this add on, I’d go to the statement that I linked to and see what you have to do to protect yourself. Like I said, it’s very clear and well written and you should have no issue following their directions.

Advertisements

Feds Ramp Up Probe Of Facebook

Posted in Commentary with tags on July 3, 2018 by itnerd

The Department of Justice along with several other federal agencies are combining forces to investigate Facebook in relation to the Cambridge Analytica scandal.  The Washington Post reported that the following agencies are involved:

  • The Securities and Exchange Commission
  • Federal Trade Commission
  • Federal Bureau of Investigation

This can only be bad news for Zuckerberg and company as the feds don’t just investigate stuff for fun. And they rarely walk away empty handed. And the fact that this many agencies are looking at the social network should set off alarm bells at Facebook HQ. What’s going to really worry Zuckerberg is that the investigation is being broadened to focus on Facebook’s statements following the scandal and whether its disclosures to both the public and its investors were “sufficiently complete and timely,” according to the Post. Not good if you’re Zuck as that could include stuff he said, or didn’t say to Congress.

Perhaps the world won’t have to decide to #DeleteFacebook. The feds may take care of that for the planet.

Facebook Acknowledges It Shared User Data With Dozens of Companies… And You Should #DeleteFacebook As A Result

Posted in Commentary with tags on July 2, 2018 by itnerd

It now seems that #DeleteFacebook might be on the verge of getting a second wind as Facebook has admitted to sharing information with dozens of companies:

Facebook has admitted providing dozens of tech companies with special access to user data after publicly saying it restricted such access in 2015. Facebook continued sharing information with 61 hardware and software makers after it said it discontinued the practice in May 2015, the social networking giant acknowledged in 747 pages of documents delivered to Congress late Friday. The documents were in response to hundreds of questions posed to Facebook CEO Mark Zuckerberg by members of Congress in April.

Facebook said it granted a special “one-time” six-month extension to companies that ranged from AOL to package-delivery service United Parcel Service to dating app Hinge so they could come into compliance with the social network’s new privacy policy and create their own versions of Facebook for their devices. Data shared without users’ knowledge included friends’ names, genders and birth dates. Facebook’s documents also said it had discovered that five other companies “theoretically could have accessed limited friends’ data” as a result of a beta test. Facebook said in the documents it has ended 38 of the partnerships and plans to discontinue seven more by the end of July.

At this point it’s pretty clear that Facebook cannot be trusted. Anyone who is on their platform is going to have their data harvested. Why? It’s simple. When you sign up for a free service, you are the product and so is any data you generate. That service will find ways to sell your information as a commodity in order to stay in business. In fact you could argue this was Facebook’s plan all along was to create a site to collect personal data and then sell it as a service to companies who want it. If you want to protect your privacy, there’s only one answer: #DeleteFacebook

Facebook Handed Over Friends Data To RBC & Others…. Even When They Said They Weren’t

Posted in Commentary with tags on June 10, 2018 by itnerd

A new report from The Wall Street Journal details how Facebook granted a number of companies special access to additional data about users’ friends. Specifically phone numbers and “friend links,” which measures the degree of closeness between a user and their friends.

One troubling aspect to this story is that Facebook was doing so even after the point in 2015 when the company claimed it stopped sharing such data. Which means that Facebook was lying about what it was doing with user data. Some companies were even granted extensions on accessing this data.

Another troubling aspect to this story if you are Canadian is the fact that Facebook apparently handed this data over to RBC which is one of the biggest banks in Canada. One wonders what RBC was doing with that data. Well, here’s what they said:

One granted an extension was Royal Bank of Canada, which created an app that allowed RBC users to send money to one another—similar to Venmo, a startup now owned by PayPal Inc. RBC was granted a six-month extension after the May 2015 deadline Facebook imposed on developers when it shut off data access, an RBC spokesman said.

“We take seriously our responsibility to protect customer privacy and we do not share individual client information with Facebook or other advertisers,” the spokesman said.

I think RBC customers deserve a better answer than that. I say that because we don’t know why RBC was accessing user data on Facebook in the first place. They truly need to answer that as right now, RBC’s actions look as shady as Facebook’s actions.

#Fail: Facebook Made 14 Million Private Posts Public

Posted in Commentary with tags on June 8, 2018 by itnerd

It’s clearly the worst of times for Facebook. The latest screw up for the social networking company has had to admit that a bug of some sort caused private posts to be made public for as many as 14 million users. These posts were public for as long as nine days. But don’t worry Facebook users, everything is fine now. At least that’s what they say.

Facebook’s trust level with the public isn’t exactly high at the moment. This isn’t going to help that situation. Perhaps it’s time for Facebook to bring in someone to clean up their privacy related issues? Just a thought.

Facebook Served Up User Data To Chinese Firms… One Of Whom Was Flagged By Feds

Posted in Commentary with tags on June 6, 2018 by itnerd

Facebook is back in the news for all the wrong reasons via this New York Times story where the firm has been accused of handing over user data to four Chinese firms. Including one flagged for being a national security threat:

Facebook has data-sharing partnerships with at least four Chinese electronics companies, including a manufacturing giant that has a close relationship with China’s government, the social media company said on Tuesday.

The agreements, which date to at least 2010, gave private access to some user data to Huawei, a telecommunications equipment company that has been flagged by American intelligence officials as a national security threat, as well as to Lenovo, Oppo and TCL.

The four partnerships remain in effect, but Facebook officials said in an interview that the company would wind down the Huawei deal by the end of the week.

This is on top of data sharing agreements that the New York Times found out about earlier this week. But in any case, this seems troubling to me and I hope people in power ask questions about this.

Oh wait. They are:

Senator John Thune, the South Dakota Republican who leads the Commerce Committee, has demanded that Facebook provide Congress with details about its data partnerships. “Facebook is learning hard lessons that meaningful transparency is a high standard to meet,” Mr. Thune said.

His committee also oversees the Federal Trade Commission, which is investigating Facebook to determine whether the company’s data policies violate a 2011 consent decree with the commission.

Senator Mark Warner of Virginia pointed out that concerns about Huawei were not new, citing a 2012 congressional report on the “close relationships between the Chinese Communist Party and equipment makers like Huawei.”

“I look forward to learning more about how Facebook ensured that information about their users was not sent to Chinese servers,” said Mr. Warner, the top Democrat on the Intelligence Committee.

All of this really doesn’t pass the smell test and makes me think that Facebook has a lot more going on that the world needs to know about. And I suspect that given the scrutiny that the company is under, we might get those details sooner rather than later. And we may not like what we see.

Facebook Shared Data With Device Makers: New York Times

Posted in Commentary with tags on June 4, 2018 by itnerd

According to a report from The New York Times, Facebook formed data-sharing partnerships with Apple, Samsung, and dozens of other device makers, allowing them to access vast amounts of its users’ personal information (If you hit a paywall, here is an alternative source):

Facebook has reached data-sharing partnerships with at least 60 device makers — including Apple, Amazon, BlackBerry, Microsoft and Samsung — over the last decade, starting before Facebook apps were widely available on smartphones, company officials said. The deals allowed Facebook to expand its reach and let device makers offer customers popular features of the social network, such as messaging, “like” buttons and address books.

But the partnerships, whose scope has not previously been reported, raise concerns about the company’s privacy protections and compliance with a 2011 consent decree with the Federal Trade Commission. Facebook allowed the device companies access to the data of users’ friends without their explicit consent, even after declaring that it would no longer share such information with outsiders. Some device makers could retrieve personal information even from users’ friends who believed they had barred any sharing, The New York Times found. Most of the partnerships remain in effect, though Facebook began winding them down in April.

Facebook who is now very sensitive to this sort of thing has hit back via this blog post where they confirmed some parts of the Times’ report but disputed others. In short, they put some spin on this. But given what’s gone on over the last little while, I am not sure if that will be enough to calm the waters.