Facebook breach

Discuss about any latest news or current affairs in Singapore or globally. Please DO NOT copy and paste news articles from other sources without written permission.
Post Reply
User avatar
the lynx
Governor
Governor
Posts: 5281
Joined: Thu, 09 Dec 2010 6:29 pm
Location: Location: Location: Location: Location: Location: Location: Location: Location: Location: Location:

Post by the lynx » Tue, 20 Aug 2013 9:07 am

zzm9980 wrote:
PNGMK wrote: Anyone who does't think he's only a puppet for the powers that be is fooling themself.
Oh how I would have loved to have won the lotto and been picked by the real zionist/free mason/illuminati overlords to be the useful idiot puppet to run Facebook (NSA data mining project) and live the life of a young billionaire. Wouldn't have married the frumpy girl he did though. Unless she's secretly a PRC Princessling.
Speaking of PRC princelings...

http://www.theguardian.com/business/201 ... estigation

User avatar
PNGMK
Moderator
Moderator
Posts: 8778
Joined: Thu, 21 Mar 2013 9:06 pm
Answers: 2
Location: Sinkapore

Post by PNGMK » Tue, 20 Aug 2013 9:46 am

zzm9980 wrote:
PNGMK wrote: Anyone who does't think he's only a puppet for the powers that be is fooling themself.
Oh how I would have loved to have won the lotto and been picked by the real zionist/free mason/illuminati overlords to be the useful idiot puppet to run Facebook (NSA data mining project) and live the life of a young billionaire. Wouldn't have married the frumpy girl he did though. Unless she's secretly a PRC Princessling.
I'm pretty certain there is some reason for her to be married to him... she might be his minder. He and his bitch are the sort of 'open mouthed breathers' of the Y generation that I can't stand.

User avatar
the lynx
Governor
Governor
Posts: 5281
Joined: Thu, 09 Dec 2010 6:29 pm
Location: Location: Location: Location: Location: Location: Location: Location: Location: Location: Location:

Post by the lynx » Thu, 22 Aug 2013 2:47 pm

I just realised something. Some posters posted to threads using the Facebook plugin and that reveals their Facebook names. I wonder if they ever realise this. Kindda defeats the purpose when their handles are not shown in that mode.

I mean, granted if they are conscious about it but I cannot imagine myself (or anyone in general) using that Facebook plugin to reply at risk of exposing my Facebook profile.

User avatar
zzm9980
Governor
Governor
Posts: 6869
Joined: Wed, 06 Jul 2011 1:35 pm
Location: Once more unto the breach

Post by zzm9980 » Thu, 22 Aug 2013 3:44 pm

the lynx wrote:I just realised something. Some posters posted to threads using the Facebook plugin and that reveals their Facebook names. I wonder if they ever realise this. Kindda defeats the purpose when their handles are not shown in that mode.

I mean, granted if they are conscious about it but I cannot imagine myself (or anyone in general) using that Facebook plugin to reply at risk of exposing my Facebook profile.
I didn't realize the forum even had that as an option. I've been using 'Disconnect' for Chrome (and other extensions before that one came out) to completely block Facebook, Twitter, and all of that shit on any domain that isn't their own. It's already known (and I've proven :p) Facebook is building shadow profiles on people who don't even have accounts. All of that shit still sets cookies and they track your browsing habits and build profiles of your likes and such whether you're a user or not.

User avatar
zzm9980
Governor
Governor
Posts: 6869
Joined: Wed, 06 Jul 2011 1:35 pm
Location: Once more unto the breach

Post by zzm9980 » Thu, 22 Aug 2013 3:45 pm

Apparently they have options for Firefox, Safari, and opera also:
https://www.disconnect.me/

User avatar
Mi Amigo
Manager
Manager
Posts: 1794
Joined: Sat, 19 Jun 2004 10:23 pm
Location: Kinto Pino

Post by Mi Amigo » Thu, 22 Aug 2013 3:56 pm

I use various Firefox plug-ins including Disconnect, Self-Destructing Cookies, BetterPrivacy, Certificate Patrol and NoScript. Probably some overlap/overkill there, but they all seem to place nicely together.
Be careful what you wish for

User avatar
nakatago
Moderator
Moderator
Posts: 8358
Joined: Tue, 01 Sep 2009 11:23 pm
Location: Sister Margaret’s School for Wayward Children

Post by nakatago » Thu, 22 Aug 2013 4:15 pm

zzm9980 wrote:
I didn't realize the forum even had that as an option. I've been using 'Disconnect' for Chrome (and other extensions before that one came out) to completely block Facebook, Twitter, and all of that shit on any domain that isn't their own. It's already known (and I've proven :p) Facebook is building shadow profiles on people who don't even have accounts. All of that shit still sets cookies and they track your browsing habits and build profiles of your likes and such whether you're a user or not.
Ditto for disconnect.me
"A quokka is what would happen if there was an anime about kangaroos."

User avatar
the lynx
Governor
Governor
Posts: 5281
Joined: Thu, 09 Dec 2010 6:29 pm
Location: Location: Location: Location: Location: Location: Location: Location: Location: Location: Location:

Post by the lynx » Thu, 22 Aug 2013 4:27 pm

I also use Disconnect in my regular laptops. Right now I'm in a course (with laptops provided) and I'm viewing this from my course laptop, hence the discovery.

Take a look if you want, especially at popular threads under Events, Gathering and Meeting Friends. The number of people who openly used Facebook plugin to respond is scary!
Last edited by the lynx on Thu, 22 Aug 2013 5:33 pm, edited 1 time in total.

User avatar
PNGMK
Moderator
Moderator
Posts: 8778
Joined: Thu, 21 Mar 2013 9:06 pm
Answers: 2
Location: Sinkapore

Post by PNGMK » Thu, 22 Aug 2013 5:05 pm

zzm9980 wrote:
the lynx wrote:I just realised something. Some posters posted to threads using the Facebook plugin and that reveals their Facebook names. I wonder if they ever realise this. Kindda defeats the purpose when their handles are not shown in that mode.

I mean, granted if they are conscious about it but I cannot imagine myself (or anyone in general) using that Facebook plugin to reply at risk of exposing my Facebook profile.
I didn't realize the forum even had that as an option. I've been using 'Disconnect' for Chrome (and other extensions before that one came out) to completely block Facebook, Twitter, and all of that shit on any domain that isn't their own. It's already known (and I've proven :p) Facebook is building shadow profiles on people who don't even have accounts. All of that shit still sets cookies and they track your browsing habits and build profiles of your likes and such whether you're a user or not.
Thanks for that.

User avatar
sundaymorningstaple
Moderator
Moderator
Posts: 39764
Joined: Thu, 11 Nov 2004 1:26 pm
Answers: 10
Location: Retired on the Little Red Dot

Post by sundaymorningstaple » Thu, 22 Aug 2013 5:32 pm

^^This!
SOME PEOPLE TRY TO TURN BACK THEIR ODOMETERS. NOT ME. I WANT PEOPLE TO KNOW WHY I LOOK THIS WAY. I'VE TRAVELED A LONG WAY, AND SOME OF THE ROADS WEREN'T PAVED. ~ Will Rogers

User avatar
JR8
Immortal
Immortal
Posts: 16522
Joined: Wed, 24 Mar 2010 12:43 pm
Location: K. Puki Manis

Post by JR8 » Mon, 21 Oct 2013 7:41 pm

I've installed this
http://webgraph.com/resources/facebookblocker/

It seemed like a tiny download. Let's see if it works.

It is available for Firefox, Chrome, Safari, Opera.


p.s. Thank you for the advice to date, appreciate it :)

User avatar
JR8
Immortal
Immortal
Posts: 16522
Joined: Wed, 24 Mar 2010 12:43 pm
Location: K. Puki Manis

Post by JR8 » Mon, 21 Oct 2013 7:57 pm

That appears to have killed it right off.

Thx! :cool:

User avatar
the lynx
Governor
Governor
Posts: 5281
Joined: Thu, 09 Dec 2010 6:29 pm
Location: Location: Location: Location: Location: Location: Location: Location: Location: Location: Location:

Post by the lynx » Thu, 23 Jan 2014 4:36 pm

zzm, not sure you have heard of this news already.

"XXE in OpenID: one bug to rule them all, or how I found a Remote Code Execution flaw affecting Facebook's servers"

http://www.ubercomp.com/posts/2014-01-1 ... _execution

And that Facebook bug is worth USD 33,500.

User avatar
sundaymorningstaple
Moderator
Moderator
Posts: 39764
Joined: Thu, 11 Nov 2004 1:26 pm
Answers: 10
Location: Retired on the Little Red Dot

Post by sundaymorningstaple » Thu, 23 Jan 2014 5:07 pm

I'd have to agree with a lot of the responses on the linked FB page as it would have had to be worth at least a couple of hundred Gs considering it was an RCE bug.
SOME PEOPLE TRY TO TURN BACK THEIR ODOMETERS. NOT ME. I WANT PEOPLE TO KNOW WHY I LOOK THIS WAY. I'VE TRAVELED A LONG WAY, AND SOME OF THE ROADS WEREN'T PAVED. ~ Will Rogers

User avatar
zzm9980
Governor
Governor
Posts: 6869
Joined: Wed, 06 Jul 2011 1:35 pm
Location: Once more unto the breach

Post by zzm9980 » Thu, 23 Jan 2014 9:59 pm

sundaymorningstaple wrote:I'd have to agree with a lot of the responses on the linked FB page as it would have had to be worth at least a couple of hundred Gs considering it was an RCE bug.
Symbolically, $50k would have been OK. Maybe more. But here's the catch, and probably from their perspective: What I found (and got $12k USD for) would have caused Facebook significant more damage and gotten them into more legal trouble if I had instead reported it to various authorities. They'd be in and out of court for years, as the data could prove they mixed and intermingled personal data in ways which was illegal. This, while much more severe in a damage causing way, would not get them in trouble. They're the victims, they'd patch it and fix it and move on. No one would care on Wall Street, jut a bunch of techies on the internet who mostly sneer at Facebook already anyway.

That said, I haven't had a chance to full digest this story yet.

Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “Latest News & Current Affairs”

Who is online

Users browsing this forum: No registered users and 0 guests