Category Archives: facepiles

Adjust Default Privacy Settings, Controlled sharing, Facebook, Facebook Secrets, Facebook Tricks, facepiles, Google +

How to Stalk on Facebook and Google +

Leave a comment

Warning: This post is NOT a guide to stalking. It’s a warning to everyone who doesn’t take the time to adjust their privacy settings. Facebook and Google +, thanks to their interest in making a buck for their shareholders, don’t care about your privacy. The more you reveal, the more they know. Both can adjust their ads specifically to your particular demographic, your pattern if you will, hoping you will buy something from one of those ads. If you click on something, they know about it and they remember it. As you travel around the Internet with your accounts open, they will know everywhere you go and, to a certain extent, everything you do. You’ve been warned.

Here is a step by step, do-it-yourself, stalking manual.

1. Pick a magazine, any magazine. Better yet, pick a magazine that appeals to the type of person you are looking for. Here are a couple of examples, straight from the Internet:

Photo of Stalking 1
This is from Google + but the idea is the same.

 

In the above example from Seventeen Magazine, hovering over the Google + icon brings up the ‘Follow’ button. Clicking on any profile photo brings up their Google + profile. Believe it or not, and this is the scary part, Google + seems worse than Facebook on this issue because we do not have a Google + account yet we were still able to view the profiles. It gets worse. On one of the profiles we clicked on, we were able to see two important maps. One was of the school that the person attended, the other was a map to their home, complete with street name and number,  believe it or not.

Here’s another:

Photo of Stalking 2
This is a Facebook facepile.

 

We weren’t able to find a facepile on a North American magazine site in time for this post but a magazine from Singapore had one. If you hover your mouse over a photo, the person’s name pops up. If you click on any profile photo, you are taken to that person’s Facebook page. Depending on your privacy settings, a complete stranger, even one who does not have a Facebook account, can see everything that you haven’t bothered to hide. Here is an example of someone who didn’t hide very much at all. (We were able to see this without being logged into Facebook):

Photo of Stalking 3
It’s all there, isn’t it?

 

Her school, her city, lots of photos…it’s all here. Remember, this information is available to anyone,whether they have a Facebook account or not, simply by clicking on a tiny profile photo.  Here’s what we think a stranger should see when they click on a link in a facepile:

 

Photo of Stalking 4
Still some information but not much.

 

In the example above, we can see this person’s school but not much else, other than her name. We are not signed into Facebook, by the way. This person’s profile photo is good, too. It does not reveal too much about the person. Think about your profile photo. What does it show about you? What information are you revealing to the public?

We don’t use Google + (we are in the process of figuring it out) so we can’t advise you on your privacy settings yet. With Facebook, remember that you can hide everything except your profile photo, your timeline covers and any mutual friends you have with the person who is viewing your profile, provided that you have any and that the person is signed into Facebook. There is no need to make any information public, it’s not a requirement. Choose your own level of privacy, one that you feel is secure and, most important, make sure your young friends and relatives have their privacy set to reveal the absolute minimum.

We hope this post has made you think about what information you are putting out for the world to see. What information are your children sharing with the world? What about your friends who are less comfortable with computers and/or social networking? Maybe you can refer them to us or, better yet, help them lock down their privacy using our guides.

Thanks for reading!

 

Adjust Default Privacy Settings, Controlled sharing, Facebook, Facebook Ad Privacy Settings, facepiles

When Facebook Privacy Settings Don’t Work – Part Two (May 24, 2013)

Leave a comment

In our last post, we discussed some facepiles that we found on a website. To catch up with us, here’s the link to that post:   When Facebook Privacy Settings Don’t Work 

In the comment section at the bottom of the Songza page, each comment has a photo and a name attached. This is how it looks:

Photo of Songza Facepile
Comments with photos and a name on the Songza site.

 

As you can see, we get a bit of information from each commenter, always a photo and a name. Why is that? Because you cannot keep your Facebook name and profile photo private, they have to be shared as part of your agreement with Facebook. Just about everything else can be hidden. Just about, those are the key words.

Yesterday, we decided to play with the settings. First, we commented, then we checked the site from another browser, just to see what we could find out from the link to the Facebook profile. Turns out the comment had the name of the poster AND his location.

We headed back to our Facebook profile and hid where the poster was from, simply by setting Location (under Privacy, then About, then Location and Edit) to ‘Only Me’. Back to Songza to refresh the page and see what the comment looked like after the change. We were shocked to see that instead of the commenter’s location, we were now able to see the commenter’s age! Knowing full well that this person had hidden their age, we headed back to Facebook in another browser to check. Sure enough, the year of birth was set to ‘Only Me’. Yes, the day and month were there for friends to see but the person’s actual year of birth was set to ‘Only Me’.

Unfortunately, we cannot duplicate this error today. The point of this post is  to show you that, while you think your privacy settings work the way Facebook tells you they do, sometimes they don’t. If you have any piece of information on Facebook that you think is completely private, there are times when it isn’t. In our next post, we’ll offer a solution, one that we’ve suggested before. Stay tuned!

Thanks for reading!

Why not Like us on Facebook? Here’s the link: Computers Made Simple on Facebook

 

 

Adjust Default Privacy Settings, Controlled sharing, Facebook, Facebook Ad Privacy Settings, facepiles

When Facebook Privacy Settings Don’t Work – May 24, 2013

Leave a comment

Just when you think that you’ve got your Facebook privacy settings perfectly tuned, a snag pops up. No matter how private you think your Facebook profile is, something always comes up to prove you wrong. This post is about an incident that occurred yesterday so it’s current and, to be frank, it’s troubling. See what you think.

TIP: This post might seem a bit convoluted, maybe confusing, but the point of it is this: Don’t assume that your privacy settings are locked and secure. Facebook treats its users as commodities, not individuals. You’re simply a means for them to make money. Don’t expect fair or even honest treatment.

Yesterday, May 23, 2103, one of our staffers was listening to music on Songza.com. Here’s the site: Songza – Listen to Music

To save time, he signed in with Facebook. That was a mistake, as it turns out. After choosing his playlist, this user noticed that Songza made use of  Facebook facepiles. Here is what a facepile looks like:

Photo of Facebook Facepiles 1
Technically, this isn’t a Facebook facepile but every user here is from Facebook.

You’ve seen these everywhere around the Internet, right? A box of faces from people who use or like the site. This particular facepile is a bit different from most. When you click on one of the faces, you get the user’s Songza profile, not their Facebook profile. Seems safe enough, right? We clicked on one user. This is what we found:

Photo of Facebook Facepiles 2
This is the user’s profile on Songza.

 

So far, this seems pretty straightforward, fairly innocuous. It’s not. This person’s profile name is cheryl.hatten.3  as you can see at the top. Is this that person’s Songza name or is it her Facebook name? We typed that name into the Facebook search slot and came up with this:

Photo of Facebook Facepiles 3
What’s this? A Facebook profile? Sure as hell is.

 

What do we know about Cheryl? We know her maiden name is Colley, that she probably lives in Lethbridge and that she most likely works for the Alberta Child Care Association. We also have a picture of someone who may be her daughter. Most likely Cheryl knows nothing about this. All she did was sign up for Songza by linking her Facebook account to a fairly popular and, supposedly, reputable website. Songza, in their defence, may not be fully aware of how this particular part of Facebook is being used. These websites are designed and run by professional webmasters who simply follow instructions and, as we all do, fight for their share of visitors.

Not to get too technical here, these facepiles are all part of what is called ‘Social Plugins’. If you want to know more about all of this, here is a link to the Facebook developer’s site: Social Plugins  Songza seems to have found a loophole here since their facepile is linked initially to their Songza account, not to the user’s Facebook profile. The only way you can track down the user is to do what we did, search for the user’s name on Facebook. But wait, there’s more to this than meets the eye.

Farther down the playlist page, there is a comment section. Every comment shown on the page is from a Facebook user. Here is one:

Photo of Facebook Facepiles 5
Comments with photos. No big deal here, right? You’d be surprised.

 

Let’s click on one of the photos or names to see where we are lead:

Photo of Facebook Facepiles 6
A direct link to Katherine’s Facebook profile.

Here we go again. You can see for yourself what information we can glean from this profile. If you actually go to Songza and click on any photo in the comment section then click on various parts of the profile that comes up, you’ll most likely discover all kinds of things about the person, things that they didn’t feel were worth keeping private. In several cases we found maps which indicated where they lived, what groups they were members of, what networks they were in,  who they were following and so on. Honestly, you would be surprised and probably shocked at what bits and pieces of personal information you could glean from all of this. You’d be even more surprised to find that information that you have essentially hidden by making it available to ‘Only Me’,  is wide open to the world.

Stay tuned for the next post which examines one particular flaw in the system. This flaw reveals information about you even when you have your privacy settings set to ‘Only Me’. Believe it or not, it’s true.

Thanks for reading!

Facebook, Facebook 101, Facebook Ad Privacy Settings, Facebook Secrets, Facebook Tricks, facepiles

Facebook 101 – Part 8 – The Hidden Dangers of Facepiles

4 Comments

Here are three images from Facebook facepiles, those ubiquitous groups of faces seen on an alarming number of websites:

1. This is from Seventeen Magazine.

A facepile from Seventeen Magazine
Recognize anyone? No? Neither do we.

2. This is from Girl’s Life magazine.

A facepile from the Girl's Life site
Only five but, again, these are strangers...young strangers.

3. This is from Stickam.com, a very popular teen webcam chat site.

A facepile from Stickam.com
Ten complete strangers, including one from the States. Oh, she is 17.

These Facebook facepiles are from three popular teen websites. All three show Facebook profiles of Facebook users who have clicked the ‘like’  button on the respective company’s site. Facebook tells us that this social plugin will only show the profiles of friends of the user who views the facepile. In these three cases, and many more that we’ve discovered, this is not the case. The profile photos, complete with clickable links to the user’s Facebook profile page, are all complete strangers and, in almost every case, are profiles of teen users. Some of the profiles shown are those of very young users, we should add.

Do you see a problem with this? We do. There is no harm in a facepile of your friends on a website where you and many of your friends have clicked ‘like’. There is harm in going to a website where you can easily click on someone’s profile photo and get instant access to their Facebook profile. There is even more harm if that profile belongs to a teen Facebook user, wouldn’t you agree?

Here’s what Facebook has to say about this: https://www.facebook.com/settings?tab=ads

The key lines are these:

“You may see social context on third party sites, including in adverts, through Facebook social plugins. Although social plugins enable you to have a social experience on a third party site, Facebook does not share your information with the third party sites hosting the social plugins. Learn more about social plugins.”

The social plugins query leads you to this page: https://developers.facebook.com/docs/plugins/

There is nothing on that page about strangers having access to your Facebook profile. If you click the word ‘facepile’ on the left side of that page, you are taken to this page:

https://developers.facebook.com/docs/reference/plugins/facepile/  which describes the implementation of the facepile but, again, there is no mention of the faces being clickable to either friends or strangers.

What we have here is an incomplete, and dangerous, flaw in the Facebook system. In the rush to monetize user profiles, Facebook has opened the doors to abuse of its own system. Facebook isn’t a dating site. It’s for friends, people who really know each other. Why then is it possible to click your way to profiles of complete strangers? Why is it possible for complete strangers to click their way to your Facebook profile? Something is wrong in this scenario and we really wish that Facebook would change the policy.

In previous posts, we’ve shown examples of proper implementation of the facepile social plugin, notably on the Mashable.com site. If you haven’t ‘liked’ Mashable, then you see no facepile. If you have clicked ‘like’ then you see a facepile but one that shows only your friends who have also ‘liked’ Mashable. The plugin can work the way it’s supposed to. We’re asking why it doesn’t work that way all the time.

Thanks for reading! Please share this post, retweet it, post it on Facebook, whatever it takes to clear up this problem.