AV Bible Believers Fellowship

OL July 28, 2010 at 8:07 pm
100 million Facebook users added to a publicly available torrent file
By Rhonda Callow

Information relating to a fifth of Facebook's users is now available for download. By anybody!

Facebook

A directory containing the personal information of (and be sure to say this in your best Dr. Evil voice) 100 million Facebook users has been made available on a torrent site and the almost 3 GB file can be downloaded by absolutely anybody. Ron Bowes of Skull Security created a script that harvested user information from Facebook's user directory.

According to the Skull Security blog, the torrent contains:

* The URL of every searchable Facebook user's profile
* The name of every searchable Facebook user, both unique and by count (perfect for post-processing, datamining, etc)
* Processed lists, including first names with count, last names with count, potential usernames with count, etc
* The programs I used to generate everything

Okay, so what could be done with the information contained in the torrent file? Well, it could be used to create a list of what are probably the most common user names (from the blog):

129369 jsmith

79365 ssmith

77713 skhan

75561 msmith

74575 skumar

72467 csmith

71791 asmith

67786 jjohnson

66693 dsmith

66431 akhan

Armed with a list of user names, somebody could potentially use brute force methods to establish the passwords that go along with those user names.

It's important to note that this does not represent a breach of Facebook's security and the information harvested by Bowes is information that people have chosen to make publicly available. What people should, however, learn from this incident is the importance of not over-sharing information on social networks and ensuring that your accounts are protected by a strong password.

Seeing as there are roughly 500 million Facebook users, you've got about a 1 in 5 chance of being included in that torrent file. Will this make you reconsider what personal information you're making public, or do you really not care if your details are available to everyone?

Filed Under: Facebook > My Online Life
Tags: Facebook, facebook privacy issues, Social Networking, torrent, users

http://www.sync-blog.com/sync/2010/07/10...-file.html

Posting on Facebook or MySpace is like writing a letter to the National Security Agency. I don't trust those things for a millisecond. And that goes for Twitter, too.

This is splashed all over this morning, but I can't see the big deal. So someone can find my name on Facebook: yeah, that's kind of the point. Someone likened it to being published in the phone book, but it's not even that for me because I don't have my phone number on Facebook. Or credit card number, bank account, address, or anything . After reading multiple paragraphs about nothing, I just couldn't find the problem. In fact, I started to wonder if it was actually advertising for Facebook. Am I missing something?

(07-29-2010 11:48 AM)Lynne Wrote: [ -> ]This is splashed all over this morning, but I can't see the big deal. So someone can find my name on Facebook: yeah, that's kind of the point. Someone likened it to being published in the phone book, but it's not even that for me because I don't have my phone number on Facebook. Or credit card number, bank account, address, or anything . After reading multiple paragraphs about nothing, I just couldn't find the problem. In fact, I started to wonder if it was actually advertising for Facebook. Am I missing something?

It's just a reminder warning for people who do give TMI on Facebook and many people do.

These were the main points, I think:

It's important to note that this does not represent a breach of Facebook's security and the information harvested by Bowes is information that people have chosen to make publicly available. What people should, however, learn from this incident is the importance of not over-sharing information on social networks and ensuring that your accounts are protected by a strong password.

Seeing as there are roughly 500 million Facebook users, you've got about a 1 in 5 chance of being included in that torrent file. Will this make you reconsider what personal information you're making public, or do you really not care if your details are available to everyone?

(07-29-2010 12:06 PM)Laura Wrote: [ -> ]

(07-29-2010 11:48 AM)Lynne Wrote: [ -> ]This is splashed all over this morning, but I can't see the big deal. So someone can find my name on Facebook: yeah, that's kind of the point. Someone likened it to being published in the phone book, but it's not even that for me because I don't have my phone number on Facebook. Or credit card number, bank account, address, or anything . After reading multiple paragraphs about nothing, I just couldn't find the problem. In fact, I started to wonder if it was actually advertising for Facebook. Am I missing something?

It's just a reminder warning for people who do give TMI on Facebook and many people do.

These were the main points, I think:

It's important to note that this does not represent a breach of Facebook's security and the information harvested by Bowes is information that people have chosen to make publicly available. What people should, however, learn from this incident is the importance of not over-sharing information on social networks and ensuring that your accounts are protected by a strong password.

Seeing as there are roughly 500 million Facebook users, you've got about a 1 in 5 chance of being included in that torrent file. Will this make you reconsider what personal information you're making public, or do you really not care if your details are available to everyone?

Okay, thanks. Good advice! I got a notice a few days ago that a computer in Japan was trying to access my Facebook account and I was advised to change and strengthen my password. I did.

Through Facebook I've been able to reconnect with some people who were very dear to me in the past. I've been fighting isolation all of my life, so I'm willing to risk Facebook. The reward has been sweet.

For example, I found out someone named her baby after me. I was flabbergasted! Sometimes we have no idea how much we mean to each other.

I don't put anything private on facebook. My address phone number credit card numbers or bank account number is not there.

Facebook is a wholly owned subsidiary of....

Back when I had Facebook I saw kids that had address, phone number, borderline obscene pictures from the weekend party, and just generally too much information, and unnecessary information.

Like anything (including Internet message boards), it can be used properly and responsibly, or not. I wonder if the public TMI syndrome is largely generational?

My wife is so embedded in facebook it makes me want to varmit. I never use it, although she put me on there. No personal information, but it is a loose end, to be sure.
She is a voluntary moderator , and , as a Christian, should be learning with us. To each his/her own.
Brat !

(07-29-2010 01:27 PM)Laura Wrote: [ -> ]Back when I had Facebook I saw kids that had address, phone number, borderline obscene pictures from the weekend party, and just generally too much information, and unnecessary information.

Like anything (including Internet message boards), it can be used properly and responsibly, or not. I wonder if the public TMI syndrome is largely generational?

I think so, yes. The whole stupid phenomenon of texting is a generational thing, with few exceptions. And now they have "sexting." Okay, if the kids want their naked pictures in cyberspace for the rest of their lives, so be it....