Is Facebook a hacker?

This post is inspired by a dear friend on my profile who commented when I posted this status update:

“With the new ‘FB timeline’ on its way this week for EVERYONE…please do both of us a favour. Hover over my name above. In a few seconds you’ll see a box that says “Subscribed”. Hover over that, go to “ and ” and unclick it. That will stop my posts and yours to me from showing up on the side bar for everyone to see, but MOST IMPORTANTLY IT LIMITS from invading our profiles. If you repost this I will do the same for you. You’ll know I’ve acknowledged you because if you tell me that you’ve done it I”ll ‘like’ it. Thanks”

My friend commented that her have shared an article about how the above status update that is circulating is a . She gave me this link to the article on a website called thatsnonsense.com reporting it is a unfounded rumour. Upon read this article, I became aware how myself and the author differ in our understanding of the term . To clarify for my friend I started to write this response in a comment on my status update. Given the length of my response, I’m it here. I responded with the following.

1. Source of web information

Always consider who is the source of the information before sharing it. I know why I shared the status update (see 2-4 below) and which friend I first saw it circulating, but I was curious on the source of this article also. Perhaps it is all about interpretation.

I wondered who is thatsnonsense.com? The author of this article, whose name is not published (red flag) on a website whose owner is not transparent (red flag) gives some good advice about privacy settings, but then directs readers to their Facebook page and blog for more information about online hoaxes and a website surrounded by pay per click advertising. Many websites use these forms of marketing to generate revenue to fund their content, but credible sources of website content especially about technology and privacy (e.g., Mashable) are very clear about the authors of their posts and what is the company status – if it is a company. Thatsnonsense.com is a website is run by craigspace.co.uk, which is not a company but a 22 year old IT graduate from Plymouth University. He goes by craigy_lad on Myspace. From the site it appears to money is made out off the traffic to thatsnonsense.com and a Facebook Fan page is used to generate traffic to to the articles. Great if they are accurate and credible content. Not a problem. But why do none of the posts indicate the post authors name, the authors bio or where he/she is located, perhaps I missed it. The whois server indicates Canada (where the webpage is probably hosted). Even the ‘contact us’ page is questionable, no contact details, just a web form.

So would I trust what this site tells me given I don’t know the author of the posts and how revenue is being generated through it. No, not really! I am sure the author is very knowledgeable, but given how anyone can build a website today and offer advice, to me, the source is always very important and should be transparent, especially in this context to help readers evaluate credibility and accuracy of the information being reported.

The author (and others) are correct that your privacy settings are most important on Facebook, but so too is understanding what we mean by ‘ your Facebook’ profile and the purpose of the Facebook Ticker.

2. Who is the hacker?

Mainstream media would have you believe a hacker is someone who breaches security to access systems illegally and unethically. A computer villian. However this is a cracker, not a hacker. There is much controversy around how popular culture – driven by media journalists and film have used the term hacker. Some of us still hold true to use of the term as a positive creative computer geek who is different in intent and authorisation to a cracker, i.e., someone who cracks into secure systems with negative intentions. You can read much about the controversial history of these terms on Wikipedia and the sources this article provides for a good historical read.

In sharing this status update, the geek that I am, I looked upon “a hacker” NOT as someone who will violate my Facebook privacy and security settings from the outside, but as someone who will hack the code and content of the Facebook system and my profile – with authorisation – to what they believe is for a positive reason. For Facebook that would be sharing more information. In this, a hacker is someone who likes to mashup content, code and systems to create things and they often work in paid respectable professions, coming up with solutions and ideas to IT and business problems. For example, Hackers created the Internet at APARNET (big applause  for that one!). But hackers are also increasingly are working in Digital Marketing – mashing up code and content to create ways and means to acquire, share and profit from through advertising with the information I share through social media.

In this, Facebook could be seen as a hacker of their system to find new and differing ways to access, mash together and share our personal information and that of our friends.

3. The Facebook Ticker

The Facebook Ticker is about sharing ‘everything.’ This appear to be the ethos of Facebook. Sharing everything as a ‘good thing’. What is unclear about the ticker is ‘with whom’ is this information – updates, uploads, comments and likes shared with. Friends = yes! Friends of friends = depends on your and your friends privacy settings. Third party app developers = yes. Marketers or advertisers = of course! Inside Facebook has an interesting article on this.  The main way to protect your information is to not post anything on Facebook and to stop using the service. If though this is too big a step, ensure ALL you’re your settings are at ‘Friends only!” and that all the social apps you have downloaded to your Facebook profile (e.g., Spotify, Netflix) are not integrated with your Facebook or the settings on these apps . Sharing content between accounts and with friends on Facebook is a personal choice. But know what you are agreeing to when you sign-up to a service, click “login through my Facebook account” or ‘Share with X App”.

The Facebook Ticker includes Facebook sponsored stories. Mashable.com, a respected source on all things social media, provides some insight to Facebook sponsored stories. In this, and some may disagree with me, Facebook is hacking my newsfeed and personal information mixing personal updates from Friends with advertising (Yuk!) to relay in the Facebook Ticker. A feature I can’t easily remove from my profile. Given how we are not used to seeing advertising in our wall feeds the Facebook Ticker, immersing updates, likes, comments with advertising – that is sponsored stories, is the next best thing.

So who is the ‘hacker?’ Facebook perhaps! Not some IT geek hiding away in a basement in the dark somewhere.

4. Why from Friends Comments & Likes (and ask friends to to yours)?

Facebook is hacking a lot of their system to find ways and means for us to share more with others, more often and more personal information. Sharing is their business and the Facebook Ticker an interesting addition.

Sharing comments and likes with my friends is a personal choice, not Facebooks choice. If a friend asks you to unsubscribe, unsubscribe. Unsubscribing means friends won’t see the conversations you have with other friends (if privacy permits) and pages or comments your like. Coupled with privacy settings, unsubscribing enables some control (albeit a little) control of what ‘conversations’ (comments) and ‘social interactions’ (‘like’) are shared with friends, friends of friends, and become mashed up with advertising through the feature: Facebook Ticker. For both you and your friends. It limits some of the social viral effect of Facebook.

For example, I’m interested in updates from Debra, I’ll see them in my wall and comment on them. Debra as my friend will get a notification that I’ve commented. We have a public conversation. But all our ‘mutual friends’ or ‘friends of friends (if privacy settings are such) will not get an update in their Facebook Ticker on their profile page that this conversations is going on. Let’s call it Facebook eavesdropping or friend spamming. In the past I could tick a box in my privacy settings that indicated ‘not sharing pages I liked and comments’ with friends. Interesting how Facebook has hacked this privacy option in the new Timeline and I find myself spending time to reinstate this option by asking friends to unsubscribe.

I agree, that asking friends to unsubscribe won’t limit Facebook hacking their system, but it places choice back in the users hands, to have a little more control over what you share with whom. For example:

  1. To share updates, photo uploads on you wall and timeline etc just with friends: Ensure privacy settings are set to ‘friends only’ on every thing (updates, photos etc) so only friends will see them when they are updated or uploaded. Friends can comment and like on said content.
  2. To share comments and likes (social interaction through Facebook) with only the friends you are having those interactions with: Ask friends to unsubscribe from your comments and likes – (so your conversations don’t appear in their  Facebook Ticker feed) and do the same to for them, so you don’t see their social interactions.

5. In summary …

The moral of this long blog post that started as a comment on a status update on Facebook …

  1. Consider the source of information. Dig deeper to the source of information that is not transparent about who they are and the information they provide, especially websites offering advice. That includes the ‘copy and paste’ viral status updates’s and articles by authors who make money through web traffic to articles (true or not) about what is or is not an online hoax or breech of privacy. Find a credible and transparent source you trust, especially when it is about online privacy.
  2. Consider who the hacker is. It might actually be someone who you have granted permission to use your information how they see fit. Don’t trust a company whose business model is built on ‘hacking’ their systems to find new and different ways to share your personal information, mashing it up with paid content like advertising in order to make money. Not everyone believes sharing ‘everything’ is a good thing. If you participate, become informed or in the least, tick “Friends Only” for everything while you are learning. I’m still learning and work in this business.
  3. Consider who you are sharing with. Chances are all your Facebook friends won’t have their privacy settings set to ‘friends only’ or will have the same friend network on their profiles as you do. Your friends are possibly connected to people who you ‘wouldn’t want’ to see your updates, uploads, comments and likes. So although there is no negative intention in this, be aware that the definition of sharing is: “a part or portion of a larger amount which is divided among a number of people, or to which a number of people contribute” (Oxford English Dictionary).
  4. Consider the sharing choices of your friends. Respect your friends on Facebook, the choices they make in what they share, and what they ask of you – as their friend – to share or not share about them. If they ask you to unsubscribe – unsubscribe. This goes for photos and tagging too. Facebook is meant to be a friendship network, wherein we keep up to date with friends, keep in contact and share. But like most social gatherings and social groups, the meaning of word friend and our expectations on how a friend behaves is fluid. We all see the world differently. Here is a talk I gave on Rediscovering Friendship for TEDxCardiff  last year. In it I talk about how friendship is a behaviour – something we do, enact and share. It is not a word or connection on Facebook.

I hope this blog post is of value to others, both connected and not connected through my Facebook profile. In the very least I hope it helps to raise awareness of both the personal and commercial implications (and our individual responsibilities) of communications through the digital social network that is Facebook.

Smiles

Kelly

9 comments

add comment
Craig (from ThatsNonsense.com) (3 years ago)

Your post contains some good advice Kelly, even though I would not agree with posting the status update you posted as it is misleading and innacurate. Also worth mentioning is several sources are better than one.
http://facecrooks.com/Internet-Safety-Privacy/hoax-alert-with-the-new-fb-timeline-on-its-way-hover-over-my-name-above-this-doesnt-work.html
http://nakedsecurity.sophos.com/2011/09/26/facebook-ticker-privacy-scare/

And if you want to know more about us, you can always ask :)

    Kelly Page (3 years ago)

    Craig,
    Wonderful that you’ve joined the discussion. Thanks also for the extra links to other sources. I mentioned you as this was the article that I was given. Would be nice to see your posts on your website with author details. You have some great information, but author/source details are important.

    As I indicated above, I read this as Facebook as the Hacker … not some external party trying to crack your profiles security to acquire data and information. Perhaps it is important to raise peoples awareness of this, as I am sure you agree, often it is those we give permissions and access to content and information we should be most worried about. It is also important to differentiate between ‘hacker’ and ‘cracker’ …

    Thanks for commenting.
    Kelly

Craig (from ThatsNonsense.com) (3 years ago)

Kelly, I’ll look into providing more details on authors for you. It will probably be considered in our next redesign early on in the new year.
As for the importance of differentiating between “cracker” and “hacker”, you’re fighting a losing battle. Since computer security was discovered as “cool” by both Hollywood and mainstream media, the term hacker has essentially all but lost its true meaning as someone who creates and shares software, and now essentially means what most expect it to mean – an external party who compromises accounts, “cracks” security software, social engineers phishing attacks. I agree its important to remind others of its historical meaning, but alas thats all it is now – history.

As for the meaning of hacker implied in the message, I can assure you that after personally seeing thousands of these messages evolve on Facebook to the one you see today, the author of the message certainly means “hacker” in the current mainstream sense – an external party; malicous and devious. Not Facebook. Messages like these are designed to panic and alarm Facebook users (who interpret “hacker” in the same way) into circulating their messages. If you were to mean “hacker” as Facebook, I would – in todays climates – suggest wording the message much differently.

    Kelly Page (3 years ago)

    Craig. Apologies for late reply, was busy with family and writing. As for the ‘loss of the meaning’ of the word hacker. I will again disagree with you. I’m a member of a ‘hackers’ group, and everyone is legitimate and legal in how and what they hack. One of the members his job title is ‘Creative Hack’. So it is still alive and well. As for the media and hollywood … if we believe everything they want us to believe, I fear we’d be in a worse state than we currently are now. Much of their popularise writing is fiction created to sell newspapers and block-buster movies. :-) Good luck with your website redesign. You have some great content on there. :-)

Phil (3 years ago)

Hi,
You pointed me to this article after sharing the link in a comment on my Sister’s status.
You do raise some very good and valid points. However I disagree with you completely.

Facebook is a social network, which about sharing with friends, colleagues and acquaintances.
There is nothing forcing you to share on Facebook, the only information that is shared is what you allow to be shared. If you don’t want something to be shared then don’t share it in the first place or remove it from the site.
When Facebook announced the timeline feature (a couple of months back for those with developer profiles) they made it very clear in the compulsory tutorial that you could remover whatever you wanted from your timeline. It was a feature to show what you wanted about your time on Facebook.
Admittedly you could click through this tutorial and ignore it if you wanted to.

Facebook is also very transparent about who things are shared with. They are a lot better than they used to. On my sister’s status which you commented it is very clear who it is shared with. If you hover over the small icon that looks like the old MSN buddy icon it clearly says that it’s shared with my sisters friends. That means that my friends can’t see it and neither can yours.

I choose to make some of my status updates public, some I share with all my friends and some I share with only a select few. If people took the time to read about the security and privacy features facebook offers then there would be no worries about “Hackers”.

I think in the sense you’re meaning the only hackers are the users themselves.

    Kelly Page (3 years ago)

    Phil. Thanks for the comment. I do agree with you. Of course all we share is by choice on FB. What I post, with whom in my friendship and FB network. However, where I disagree with you is where FB is not so clear as to how this information is shared with advertisers and third-party’s. FB could make this much clearer. Also, FB privacy settings are adjusted (understandably) with each new version and addition. With this comes a responsibility for FB to ensure settings selected in one version and still valid in the next. However, often this is not the case. As in the example I used in the blog post. In the older FB skin I’d selected that ‘comments’ and ‘likes’ are not shared with friends. However, the feature ‘Facebook Ticker’, released before the timeline, I have to ask friends to unsubscribe from these. As I’d indicated in the article, Facebook is the Hacker (as are most social media sites interested in your data and manipulating their systems to acquire and share more of it!). All the best.

Richard Griffith (3 years ago)

Most of the hacker stuff I see, the user never knew the attack took place. Hacking via social engineering is very effective since clicking on a link allows things to take place that the standard hacking tools may not be able to access (Windows 7 security may prevent if enabled correctly). Personal information on Facebook is a goldmine for a social engineered email which could lead to a more serious compromise such as a password key logger.

    Kelly Page (3 years ago)

    Agree Richard. Social information is much richer about a users, than typical demographic or contact information. :-) It pays to be as informed as one can.

Craig (2 years ago)

Yes, maybe when I consigned the orignal hacker term as history I was going too far, but its fair to say that it is only now used within small communities who centralise around IT. Go on to the street and ask 100 people what they think the term means and tally the results.

Its not about believing Hollywood or the media as such, the comment was more to do with how they influence the words we use and their meanings.

Leave Comment