Latest Facebook security snafu: socialbots

By , ITworld |  Cloud Computing, Facebook, hacking

robot

flickr/jurvetson

Those friends on Facebook begging for a connection? They could be "socialbots," programming scripts that impersonate real people. University researchers got away with 250GB of user data using socialbots.

Thankfully, researchers from the University of British Columbia Vancouver didn't sell the personal information to identity thieves, but the next group of socialbots may not be so polite. Using several passes to gather friend connections, the socialbots could achieve a large scale infiltration in a few weeks with about 80 percent success. Accepting a socialbot as a friend was three times higher when there were shared mutual friends.

University researchers said their goal was to highlight the need for OSNs (Online social Networks) to build more security systems "that are less vulnerable to both human exploits (i.e., social engineering) and technical exploits (i.e., platform hacks). Why? Because users want their personal information harvested and sold by Facebook proper, not some random third party.

Of course

Who doesn't want to be friends with a scraper bot?
Anonymous Coward on theregister.co.uk

People randomly accept friends and then have their data configured to be shared with them. In this case, the problem was not Facebook but was sitting in front of the computer.
yaix on news.ycombinator.com

Turing test 2.0 Machine passes, if you can not tell your new friend is not human...
trottel on theregister.co.uk

There's enough gullible people on Facebook for scammers to make money, regardless what measure Facebook puts in place.
dendory on news.ycombinator.com

This might sound harsh but...Who care? How long are people going to keep believing that information you share with people who share with other random people is ... "private"?
joe_the_user on news.ycombinator.com

Flawed research

the researches have falsely represented themselves within facebook and broken its terms of use. Further, they've annoyed and deceived a lot of FB users.
JustaKOS on theregister.co.uk

do you realise what you have done? Every Blackhat marketer reading this blog post will be drooling at the mouth right now making plans to develop such a bot.
James Jeffery on sophos.com

It seems to me that either people are really indiscriminate in who they accept as their 'friends', or the 'randomly selected "people"' were actually other socio bots :-D
JBiserkov on news.ycombinator.com

Shame on Facebook

It's not just those who sign up who get shafted by data scraping like this, their non-facebook using mates get screwed too
Anonymous Coward on theregister.co.uk

"You are not allowed to create fake profiles." Except that fake profiles are almost endemic - most of them being used purely for the purposes of social games.
mittfh on sophos.com

Facebook spokespeople at first refused to comment, then said they had serious concerns about the methodology. No announcement of security improvements has been made.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question