Difference between revisions of "Facebook"

From Free Knowledge Base- The DUCK Project: information for everyone
Jump to: navigation, search
m
Line 9: Line 9:
 
Most of the tracking scripts associated with Facebook grab a user ID that is unique to that website, as well as the person's name and email.  However one security risk in using the Facebook is that the users find their unique ID is used by other web sites to connect to their social media profile often without their knowledge permission.  The information is used to track Facebook users across other websites and devices.
 
Most of the tracking scripts associated with Facebook grab a user ID that is unique to that website, as well as the person's name and email.  However one security risk in using the Facebook is that the users find their unique ID is used by other web sites to connect to their social media profile often without their knowledge permission.  The information is used to track Facebook users across other websites and devices.
  
Princeton University researchers identified seven different scripts that are capable of pulling information from Facebook's login API.  Companies such as OnAudience have been collecting information from Facebook's login API to "profile" Facebook users for their behavioralengine.com marketing scheme.  There are many such businesses that profile Facebook users in a manner similar to how the FBI will profile criminal suspects, except these companies are creating a profile of each user to know how he or she behaves, shops, spends personal time, and what personal habits the individual has which might be exploitable by companies.
+
Princeton University researchers identified seven different scripts that are capable of pulling information from Facebook's login API.  Companies such as OnAudience have been collecting information from Facebook's login API to "profile" Facebook users for their behavioralengine.com marketing scheme.  There are many such businesses that profile Facebook users in a manner similar to how the FBI will profile criminal suspects, except these companies are creating a profile of each user to know how he or she behaves, shops, spends personal time, and what personal habits the individual has which might be exploitable by companies
 +
 
 +
Most of the companies which are using Facebook tracking data are doing so to create software and tracking tools that websites can use to find out information about their customers, which sites pay for.  A company with a commercial web site might buy a tracking product from one of those which are using Facebook's login API.  The company Lytics offers Facebook API data scraping and tracking tools which is used to collect Facebook user data and then store that data.  Although they claim to limit what the tools can collect, it has been discovered that the security is easily circumvented allowing the exploitation of Facebook user data.  The tool can be easily modified to do "deep mining" of Facebook user information.  These tools typically involve the simple process of adding JavaScript to a web site that is activated once someone visits the page.
 +
 
 +
There is a serious personal information and identity security concern associated with users bringing their Facebook data to other parts of the web, where they might not understand how it is being collected and parsed.  One example is an amusing and commonly used "Personality Test" app which scraped from Facebook and collected information belonging to up to 87 million people.  This information not only includes Facebook users, but other people outside of Facebook that are discussed by Facebook users.
 +
 
 +
Facebook's Universal Login feature is a large part of the sharing of user data and an automatic opt-in to allowing the data distribution.  Once used, the tracking data is not only used by participating sites, but can be secretly harvested by other web sites operated by companies with a less reputable background. 
 +
 
 +
Data is the new currency online and many companies with intentions across the spectrum want to buy Facebook user data.  The profiling constructed from this data can make it possible for one of these companies to know a Facebook user better than members of the user's own immediate family.  Furthermore, this type of data mining has created new challenges in the prevention of Identify Theft.

Revision as of 10:09, 10 October 2018

Dominate Social Media Internet platform including a highly visible web site and massive data mining engine to retail personal information. Users volunteer personal data including purchasing habits, personality traits, demographic information and other details which are collected and resold largly for commercial use specifically in the areas of marketing. Sometimes personal data is submitted to authorities for purposes such as criminal investigation. Facebook obtains its users personal data without compensating them and profits from the use and sell of what is collected.

Security and Privacy

Facebook profiles have become the de-facto identities of people across the internet. This is thanks, in large part, to Login With Facebook, the social network's universal login API, which allows users to carry their profile information to other apps and websites. Be advised Facebook's universal login feature carries security risks, according to research from Princeton University and other high profile credible sources.

Third-party tracking scripts have the capability to scoop up information from Facebook's login API without users knowing. The tracking scripts are part of an invisible tracking ecosystem that follows users around the web largely without their knowledge. When Facebook users don't take the time to disable an obscure option to grant permission for a website to access their Facebook profile, third-party trackers embedded on the site are getting that data, too. That can include a user's name, email address, age, birthday, and other information, depending on what info the original site requested to access. This type of tracking script is present on 434 of the web's top one million websites not exclusively including those that are querying Facebook data from the API, but also obtaining data from Facebook via security workarounds.

Most of the tracking scripts associated with Facebook grab a user ID that is unique to that website, as well as the person's name and email. However one security risk in using the Facebook is that the users find their unique ID is used by other web sites to connect to their social media profile often without their knowledge permission. The information is used to track Facebook users across other websites and devices.

Princeton University researchers identified seven different scripts that are capable of pulling information from Facebook's login API. Companies such as OnAudience have been collecting information from Facebook's login API to "profile" Facebook users for their behavioralengine.com marketing scheme. There are many such businesses that profile Facebook users in a manner similar to how the FBI will profile criminal suspects, except these companies are creating a profile of each user to know how he or she behaves, shops, spends personal time, and what personal habits the individual has which might be exploitable by companies.

Most of the companies which are using Facebook tracking data are doing so to create software and tracking tools that websites can use to find out information about their customers, which sites pay for. A company with a commercial web site might buy a tracking product from one of those which are using Facebook's login API. The company Lytics offers Facebook API data scraping and tracking tools which is used to collect Facebook user data and then store that data. Although they claim to limit what the tools can collect, it has been discovered that the security is easily circumvented allowing the exploitation of Facebook user data. The tool can be easily modified to do "deep mining" of Facebook user information. These tools typically involve the simple process of adding JavaScript to a web site that is activated once someone visits the page.

There is a serious personal information and identity security concern associated with users bringing their Facebook data to other parts of the web, where they might not understand how it is being collected and parsed. One example is an amusing and commonly used "Personality Test" app which scraped from Facebook and collected information belonging to up to 87 million people. This information not only includes Facebook users, but other people outside of Facebook that are discussed by Facebook users.

Facebook's Universal Login feature is a large part of the sharing of user data and an automatic opt-in to allowing the data distribution. Once used, the tracking data is not only used by participating sites, but can be secretly harvested by other web sites operated by companies with a less reputable background.

Data is the new currency online and many companies with intentions across the spectrum want to buy Facebook user data. The profiling constructed from this data can make it possible for one of these companies to know a Facebook user better than members of the user's own immediate family. Furthermore, this type of data mining has created new challenges in the prevention of Identify Theft.