Byron Ng versus Facebook. Again
p2pnet news | Freedom:- | P2P:- Byron Ng, a freelance computer tech based in Vancouver, BC, downloaded Harry Potter and the Deathly Hallows from The Pirate Bay.
Then he hacked Facebook to reveal Private Paris Pix.
Now, he’s, “stumbled across a way to learn more about Facebook users than you’re supposed to be able to” prompting Facebook to, “suspend the Top Friends application late on Wednesday,” says CNET News, going on:
“CNET News.com confirmed that the security hole exposed the birthdays, gender, and relationship status of strangers, including Facebook executives, the wife of Google co-founder Larry Page, and one profile that seemed to belong to Paris Hilton that used her middle name ‘Whitney’.”
Top Friends wasn’t obeying uses’ privacy settings, “enabling anyone with the know-how to bypass the security once they obtained someone’s Facebook ID number,” says the story.
22 separate violations
Canadian law students analysed Facebook’s privacy policies and found the claims seriously wanting, p2pnet reported last month, going on >>>
CIPPIC (Canadian Internet Policy and Public Interest Clinic) wants privacy commissioner Jennifer Stoddart to investigate possible violations of Canadian privacy laws.
“Facebook isn’t being up-front with users about its use of their information for advertising and other commercial purposes,” CIPPIC director Philippa Lawson told p2pnet.
With the third largest Facebook user base after the USA and the UK, it, “purports to give users more control than they actually have over the sharing of their information,” she says, going on:
“It shares more information than necessary with third parties, and it fails to obtain informed consent from users to its sharing of often sensitive personal information with third parties.”
All of these are violations of Canadian privacy law, Lawson declares, stating, “It’s time that Facebook faced up to its legal and ethical obligations to protect user privacy.”
CIPPIC’s 35-page complaint alleged 22 separate violations, “including Facebook’s failure to tell members how their personal information is disclosed to third parties for advertising and other profit-making activities, and its failure to get permission for such uses and disclosures of personal information”.
Facebook, “purports to provide users with a high level of control over their data,” said Harley Finkelstein, one of the CIPPIC researchers.
“But our investigation found that this is not entirely true – for example, even if you select the strongest privacy settings, your information may be shared more widely if your Facebook Friends have lower privacy settings.
“As well, if you add a third party application offered on Facebook, you have no choice but to let the application developer access all your information even if they don’t need it.”
Meanwhile, says CNET, “another third-party app that Ng disclosed a security hole in, Super Wall, was fixed.
“With Super Wall, which was created by RockYou, no personal data is revealed, but anyone could have viewed the Super Wall of any other user, even if they were not friends.”
.
.Stumble It!
hacked Facebook – Byron Ng hacks Facebook, March 25, 2008
CNET News – Facebook suspends app that permitted peephole, June 26, 2008
p2pnet – CIPPIC demands Facebook privacy probe, May 30, 2008
Use free p2pnet newsfeeds for your site. It’s really easy!Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details. Download here.
