Facebook f'up

WTF Facebook? When is enough, enough?

100% human

WTF Facebook? When is enough, enough? Facebook has been caught twice this week. One for a data breach affecting up to 90-million people and another for freely providing advertisers with your phone number.

Facebook f’up number 90-million!

Facebook has admitted to a ‘really serious’ security breach that affects up to 90-million people. But is it saying it is really serious for its users or the organisation’s tattered reputation? We venture the latter.

On Saturday 29 October 2018 (Friday in the U.S.), it admitted that hackers had stolen ‘digital tokens’ that give access to ‘an unprecedented level of potential access’. Facebook admitted that it was then too early to know the extent of the breach and ventured 50 million including COE Mark Zuckerberg’s public account.

Hackers stole the tokens – whatever they are – that allow them to ‘view as’ – a feature that allows users to see what their profile looks like to others.

Facebook reset the access tokens of those 50-million accounts and later reset another 40-million accounts. So is it 90-million or more?

“Since we’ve only just started our investigation, we have yet to determine whether these accounts were misused or any information accessed. We also don’t know who’s behind these attacks or where they’re based. People’s privacy and security is incredibly important, and we’re sorry this happened,” it said in yet another carefully worded mea culpa blog.

Facebook f’s up – yet again. New damning report

Two U.S. Universities found that phone numbers for two-factor identification are freely available to advertisers to target advertising to users.

The study also revealed that Contact lists uploaded to Facebook platforms are available for personal information in them. You unintentionally help advertisers target your friends.

WTF Facebook. You are a bunch of bumbling amateurs unable to secure our most valuable commodity – us!

“We found that phone numbers uploaded as part of syncing contacts — that were never owned by a user and never listed on their account — were in fact used to enable PII-based advertising,” researchers said in the study.

“These findings hold despite all the relevant privacy controls on our test accounts set to their most private settings,” researchers said in the study, which looked at ways advertisers can get personally identifying information (PII) from Facebook or its WhatsApp and Messenger services.

Facebook’s response was blunt, and along the lines, if a product is free, the product is you.

“We use the information people provide to offer a better, more personalised experience on Facebook, including ads. We are clear about how we use the information we collect, including the contact information that people upload or add to their own accounts.”

WTF Facebook

GadgetGuy’s take:

Twitter is alive with tales of inappropriate use. Here is one of the more printable tweets. “When a user gives Facebook a phone number for two-factor authentication or to receive alerts about new log-ins to a user’s account, that phone number became targetable by an advertiser within a couple of weeks.” OK, that is the fact.

Here is a tweet that accurately reflects user sentiment, “Facebook can f*** off. They need some serious regulation. The idea of offering a ‘free’ service that allows them to sell you six ways to sideways needs to change. We deserve royalties on the data our activities generate for them.”

Here is an example that I can verify. A millennial couple expecting their first child proudly announced it on Facebook. Within hours targeted advertising changed to maternity and baby items instead of the usual slew of comparison websites, holidays, cars and sport. But wait  – their friends are now receiving baby gift suggestions!

Isn’t it time to give up that highly addictive drug and go back to being real friends? My advice is to delete Facebook and try calling your friends or having a drink with them.