Latest Facebook security snafu: socialbots

Credit: flickr/jurvetson

Those friends on Facebook begging for a connection? They could be "socialbots," programming scripts that impersonate real people. University researchers got away with 250GB of user data using socialbots.

Thankfully, researchers from the University of British Columbia Vancouver didn't sell the personal information to identity thieves, but the next group of socialbots may not be so polite. Using several passes to gather friend connections, the socialbots could achieve a large scale infiltration in a few weeks with about 80 percent success. Accepting a socialbot as a friend was three times higher when there were shared mutual friends.

University researchers said their goal was to highlight the need for OSNs (Online social Networks) to build more security systems "that are less vulnerable to both human exploits (i.e., social engineering) and technical exploits (i.e., platform hacks). Why? Because users want their personal information harvested and sold by Facebook proper, not some random third party.

Of course

Who doesn't want to be friends with a scraper bot?

Anonymous Coward on

People randomly accept friends and then have their data configured to be shared with them. In this case, the problem was not Facebook but was sitting in front of the computer.

yaix on

Turing test 2.0 Machine passes, if you can not tell your new friend is not human...

trottel on

There's enough gullible people on Facebook for scammers to make money, regardless what measure Facebook puts in place.

dendory on

This might sound harsh but...Who care? How long are people going to keep believing that information you share with people who share with other random people is ... "private"?

joe_the_user on

Flawed research

the researches have falsely represented themselves within facebook and broken its terms of use. Further, they've annoyed and deceived a lot of FB users.

JustaKOS on

do you realise what you have done? Every Blackhat marketer reading this blog post will be drooling at the mouth right now making plans to develop such a bot.

James Jeffery on

It seems to me that either people are really indiscriminate in who they accept as their 'friends', or the 'randomly selected "people"' were actually other socio bots :-D

JBiserkov on

Shame on Facebook

It's not just those who sign up who get shafted by data scraping like this, their non-facebook using mates get screwed too

Anonymous Coward on

"You are not allowed to create fake profiles." Except that fake profiles are almost endemic - most of them being used purely for the purposes of social games.

mittfh on

Facebook spokespeople at first refused to comment, then said they had serious concerns about the methodology. No announcement of security improvements has been made.

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon