Would Be Cool if Everyone Normalized These Pesky Data Leaks, Says Data-Leaking Facebook in Leaked Memo (theregister.com) 33
Facebook wants you to believe that the scraping of 533 million people's personal data from its platform, and the dumping of that data online by nefarious people, is something to be "normalised." The Register: A blundering Facebook public relations operative managed to send a journalist a copy of an internal document detailing the social network's strategy for containing the leaking of 533 million accounts -- and what the memo contained was infuriating though unsurprising. Belgian tech journalist Pieterjan van Leemputten asked the Mark Zuckerberg-owned company some questions about the theft and dumping online of account data earlier this month.
Miscreants had helped themselves to 70GB of names, phone numbers, dates of birth, email addresses, and more from people's Facebook profiles, thanks to a security weakness in the platform. Having stolen the data in 2019, crims bought and sold it among themselves before one shared it via a Tor-hidden site in early April, inviting anyone to come and help themselves to it all. Yet when van Leemputten asked Facebook's mouthpieces to respond, what he got in return was quite unexpected. As he told The Register: "Facebook accidentally sent me an internal email where they literally state that they will frame the recent 533 million data leak as a 'broad industry issue' and that they want to normalize this." The memo added, "To do this, the team is proposing a follow-up post in the next several weeks that talks more broadly about our anti-scraping work and provides more transparency around the amount of work we're doing in this area."
Miscreants had helped themselves to 70GB of names, phone numbers, dates of birth, email addresses, and more from people's Facebook profiles, thanks to a security weakness in the platform. Having stolen the data in 2019, crims bought and sold it among themselves before one shared it via a Tor-hidden site in early April, inviting anyone to come and help themselves to it all. Yet when van Leemputten asked Facebook's mouthpieces to respond, what he got in return was quite unexpected. As he told The Register: "Facebook accidentally sent me an internal email where they literally state that they will frame the recent 533 million data leak as a 'broad industry issue' and that they want to normalize this." The memo added, "To do this, the team is proposing a follow-up post in the next several weeks that talks more broadly about our anti-scraping work and provides more transparency around the amount of work we're doing in this area."
Normalized (Score:2)
It's already normalized, and not just in the tech industry.
Re: Normalized (Score:3)
Re: (Score:2)
Well its not clear to me how vulnerable it was. The issue was the find friends functions let you upload your contacts database from your phone. Supposedly the search on facebooks end found possible relations based on phone numbers, and suggested them to you for 'friending'.
What is not clear is if it would return matches for cases where people don't share their number but facebook has it; collected for MFA/account recovery or whatever other reasons facebook asks for phone numbers these days.
The attack was s
Re: (Score:2)
This.
Users are experiencing data leak fatigue, as every month there's major news about such and such large firm being breached [wikipedia.org]. So they just shrug it off, rationalize that it's part of the deal, and resume uploading personal data to whatever social media website that produces the most dopamine for them.
Re: (Score:2)
normalize deleting Facebook (Score:5, Insightful)
Wouldn't we all be better off if we normalized deleting Facebook? Facebook won't be able to shit the bed with your data if they don't have your data.
Re: normalize deleting Facebook (Score:5, Insightful)
Re: (Score:3)
Funny you think Facebook wonâ(TM)t have your data if you delete your profile off of it. Facebook tracks you accross other sites through cookies and compile profiles on you whether you are a member or not.
Which is why I let uMatrix block the Facebook widget and all third party Javascript by default. Which breaks an appalling number of sites these days, but then I selectively enable the missing pieces needed. Frequently jquery.com and a few others. One I never enable is facebook.com.
Re: (Score:3)
If you live in California and they keep your data after you request deletion, that's a several thousand dollar fine they are looking at for each instance.
Re: (Score:2)
That's coming to an end as all major browsers disable third party cookies.
Re: (Score:3)
Funny that you think I allow/keep those cookies. I don't have an account in the first place, its possible that they have some phantom profile of me but its not worth much. When you block ads and tracking its a lot harder for anything FB does to be meaningful.
Re: (Score:2)
Simply deleting your account won't fix much (Score:2)
Re: (Score:2)
Time to end FB (Score:5, Insightful)
These people are sociopathic tools, always have been. MZ is the head sociopath, and inspires the whole crew. It is high time for this shit-show to be shut down. It's well beyond fixing.
They are psychopaths. No offense. (Score:2)
You can't treat them like they ever cared about your wishes.
They only care about you thinking you care for their wishes.
And that they can keep doing what they want.
So the solution is to ... give them a ... good reason ...to actually want what we want. Even if just pretend they like it too.
Threat of death, with our choice being the only one out, is an obvious reason. Even if a morally unacceptable one.
But threat of losing benefits they gain from us is a pretty good reaon.
But make sure you studied Sun Tsu be
Re: (Score:2)
I agree (Score:5, Insightful)
Make it normal that those responsible go to prison and make it normal that companies that messed up pay $1000 to every person affected and more if the victims can prove more damage done. I.e. finally make it normal to treat these people and companies like the criminal entities they are.
The abnormal state of affairs that absolutely noting happens to those fuckups on the legal side cannot continue.
Re: (Score:1)
Facebook will reveal what info on you was leaked (Score:2)
Just log in and fill out this quiz on our new app.
Facebook's Fault? (Score:1)
From what I understand, these folks that had data scraped, all had public profiles. Did the scrapers go foul of the Terms of Service? Sure. Was it public data? It was on private Facebook servers, but set to public by the owners.
I think the reality is that outside of a few tech circles, no one cares.
--
We live in a world where mental health is real. Emotional health is real, and people feel like no one cares. - Malik Yoba
Allow me to comment (Score:2)
FUCK THAT SHIT!!! The names and personal info of users of a website isn't a mother effing open phone book for the criminals of the planet. I barely want my neighbors one road over to know my name, much less mister nice foreign hacker.
It’s normal already (Score:3)
Cool if everyone COMPENSATED (Score:2)
Love That 2-Factor (Score:2)
I keep my FB usage pretty trivial, but being an old person, I do have an account. And I have logged onto it regularly since 2010 or so.
Every time, FB asks for my mobile phone number so they can set up 2 factor authentication. "For security".
They are not getting that number and they are not getting my actual birthdate. Well, at least not from me. I can't do anything about their cross-referencing skullduggery.
Shut it down!! (Score:1)
What's the big deal? (Score:2)
To me this looks like exactly what I would expect to see in this situation. The PR sausage is being made. Big deal. It doesn't appear to be a leak of a technical directive, strategic plan, or mitigation strategy. It's just discussion on narrative control.
It already has been. (Score:1)
Interesting article (Score:2)
though I could really do without the author's inflammatory op/ed.
N11n? (Score:2)