Over 100m Facebook profiles harvested, available in torrent

By Matthew
Jul 28, 2010
Post New Reply
  1. Just as concerns over Facebook privacy started to fade out of the headlines, a hacker has rekindled the fire by making over 100 million profiles available in a single gift-wrapped download. Ron Bowes of Skull Security compiled the 2.8GB torrent (which is currently available on TPB) by creating a web crawler to harvest the data of users listed on Facebook's open access directory.

    Read the whole story
  2. raybay

    raybay TechSpot Evangelist Posts: 10,716   +6

    100 million ? That should just about do it for FaceBook...
    They better get back to work...
  3. Timonius

    Timonius TechSpot Booster Posts: 565   +30

    well, now that it's in a torrent...you've officially lost your privacy for good :) Mine as well live in a glass house :)
  4. Richy2k9

    Richy2k9 TechSpot Enthusiast Posts: 515

    hello ...

    this is spooky .... I have the strict minimal info on FB, yet i don't really like being exposed.

    cheers!
  5. yowanvista

    yowanvista Newcomer, in training Posts: 82

    It's just profile data not hidden by user privacy settings
  6. hellokitty[hk]

    hellokitty[hk] I'm a TechSpot Evangelist Posts: 4,257   +110

    LMAO I bet this was done just to d*** move facebook.
  7. Night Hacker

    Night Hacker TechSpot Enthusiast Posts: 103   +10

    Honestly... "hacked"? Pulease... how is this HACKED? It's just publicly available information compiled into a torrent, big whoop! You just made someone famous for browsing the web. LOL
  8. Kibaruk

    Kibaruk TechSpot Paladin Posts: 1,119   +51

    I love how people get access to internet, post in forums, are part of big comunities, even TECHnological comunities... and still don't know how to read a 3 paragraph news, amazing!

    @Everyone who is lazy to read the story: Facebook leaves privacy to its users, if they want their information to be open to public is something they have to live with, not facebook. By the way I'm in no way related to facebook or someone who is, so I'm not defending them.
  9. Matthew

    Matthew TechSpot Staff Topic Starter Posts: 6,020   +83 Staff Member

    Not sure where you're quoting "hacked" from but it's not this post.
  10. Night Hacker

    Night Hacker TechSpot Enthusiast Posts: 103   +10

    I think they were implying some sort of hacking with "a hacker has rekindled the fire by making over 100 million profiles available". A hacker? It's a list of names. THAT'S IT... nothing more. Big whoop. He compiled a list of 100million PUBLICLY AVAILABLE NAMES... just NAMES... nothing more... I don't see how this would make anyone concerned. I don't know why anyone would even bother wanting a list of Facebook names.
  11. Night Hacker

    Night Hacker TechSpot Enthusiast Posts: 103   +10

    Also, the article states "profiles" were "harvested", no, they were not. Just names, nothing more. Next time you post an article, you might actually want to download and look at what you are reporting about. Just a list of names. No hacking (stating "a hacker" implies he "hacked", very crafty, but inaccurate). Looks like you're trying to create a big story here where there is nothing.
  12. Matthew

    Matthew TechSpot Staff Topic Starter Posts: 6,020   +83 Staff Member

    You are wildly mistaken. I referred to the person as a hacker because it's what he is -- regardless of his acts in this particular situation (which would still fit the general description of a hacker). It's more indicative of the individual's background than say, "a person who enjoys tinkering with things." Call him a "security researcher" if it makes you feel more comfortable.

    Furthermore, I *have* downloaded the package, and no it's not *just* names. The profiles (HTML, images and all) aren't included (obvious if it's a 2.8GB file), but the URLs to each page are, which is all the same if you know how to copy and paste. You can call that as you may, but in my book, collecting the direct links to 100+ million profiles is "harvesting" them:

    [QUOTE="Dictionary]
    6 .to gather (a crop or the like); reap.
    7. to gather the crop from: to harvest the fields.
    8. to gain, win, acquire, or use (a prize, product, or result of any past act, process, plan, etc.).
    9. to catch, take, or remove for use: Fishermen harvested hundreds of salmon from the river.[/QUOTE]

    Many of those 100+ million users undoubtedly don't want their name and profile viewable to an untold number of people, but because they don't understand Facebook's privacy settings (or for some other reason), their profile remains publicly accessible. It draws into question whether more should be done to protect user privacy instead of expecting them to take the initiative or understand how to do it themselves.

    Looks like you're trying to heckle "here where there is nothing."
  13. gobbybobby

    gobbybobby TechSpot Maniac Posts: 530

    More bad news for Facebook who have been in the news alot recently, for then wrong reason. I hope my data is not on there, tho I didn't have my Home phonenumber and the mobile number on there I no longer use, so its no biggy really. The email I use is my ''public'' email. People should not give over all there information to any social networking website, its just not safe.
     
  14. tipstir

    tipstir TS Ambassador Posts: 4,490   +73

    I've confirmed the files are there on that site. I would like to know if my wife, me and the all our families are posted in those files. This is not a good policy at FaceBook to do this. They want you to link up your email so their vendors can send you all sorts of nonsense. Zynga who has most of the share on that site wants you to bookmark them, buy all sorts of things through them. I haven't purchased anything. I like the playing the CafeWorld but I don't want to share my info with the people on my cafe world list. If you upload private photo's then they're not private anymore. You could block who can see these photos. I did a test and was able to sneak in around a backdoor into one of my accounts that was for my eye's only. So that tells me nothing can be blocked except people you don't want to bother with anymore.
  15. I think anyone that uses programs like Facebook and gets upset with someone 'harvesting' personal information is delusional! Why would anyone put information on such a massive, low security system if they had the first concern about someone they don't know getting it??? Do any of you KNOW one single person involved with Facebook the organization? No, you don't, yet somehow the harvesting of your information is a breach of your privacy? The breach occurred when you put that information out there! My advice is short and simple: LEARN TO USE YOUR COMPUTER! Learn to navigate, copy and paste, and work directly from your computer to interact with your friends. Further, own and use an external hard drive to store data and keep the information on that backed up on RW able disc on a regular basis. (I keep NOTHING on my computer's hard drive that I consider 'sacred'.) The real danger is someone doing something truly evil with your information, like having your Social Security number, driver's license number, DOB, etc. Something that allows another to defraud you. Charity isn't the only thing that begins at home. So does security and VISION!
  16. Privacy is a relic of the past that has become obsolete. Very sad.
  17. luvhuffer

    luvhuffer TechSpot Paladin Posts: 637

    Oh gee! Now this Ron guy has my info. Along with the DEA and INTERPOL. Guess I better move those runaways living in my attic. Oh wait...I almost forgot. I don't give a crap. Never mind.
  18. raybay

    raybay TechSpot Evangelist Posts: 10,716   +6

    The real danger is that their system is so amateurish that 100 Million addresses could be downloaded... and those messages could identify you, because of the information the sender has on you. Securtiy just slid down deeper into the goop.
  19. Night Hacker

    Night Hacker TechSpot Enthusiast Posts: 103   +10

    it's still all PUBLICLY available information. Hardly a risk to anyone. So he has 100 MILLION URLs in a list, it's no more a risk than them being available ONLINE.... unless you know who you are looking for, I doubt anyone is going to browse through 100 million URLs and if they did, it would be no different than browsing them ONLINE.... there is NO risk here, this is not a big deal other than what you're trying to make it. All profiles linked to are PUBLICLY AVAILABLE... any information you get you will STILL have to connect to Facebook to get, PERIOD. As I said, he has NO INFORMATION on anyone other than their name. A URL isn't harvested information, it's a URL... something anyone can get online.

    You're just trying to sensationalize a very boring story. And lets say, for sake of argument that there is private information in there (which there isn't), YOU JUST SUPPLIED A LINK FOR EVERYONE TO DOWNLOAD IT!!!!! Either the information is useless like this story, or it is very private and you just provided everyone here with 100million harvested accounts which would be the height of irresponsibility!!! Which is it? Useless story, or highly irresponsible?
  20. Anyone that puts their information up on the internet, and is then shocked when people on the internet can view that information clearly shouldn't have a net connection.
  21. hellokitty[hk]

    hellokitty[hk] I'm a TechSpot Evangelist Posts: 4,257   +110

    I mentioned above that I think the point is just to make facebook look bad; and I think its hilarious.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.