Mack-Line: Six million exposed by Facebook glitch

With apologies to readers, privacy is again the topic of this column, with an emphasis this week on Facebook.

It appears personal details of about six million people were inadvertently exposed by a bug in Facebook's data archive. As a percentage, six million is not much out of more than a billion users, but it is significant.

The bug meant email and telephone numbers were accidentally shared with people who would not otherwise have had access to the information. So far, there was no evidence the data exposed was being exploited for malicious ends, Facebook said.

The company said it was upset and embarrassed by the bug, which was found by a programmer outside the company.

In a related matter, technology writer Shelly Palmer says a hacker has exploited Facebook's Graph Search to collect a database of thousands of phone numbers and Facebook users.

Both parties agreed that all the information was left public by users (even if the users themselves may still not realise it).

Facebook issued the hacker a cease and desist after he continued to scrape data and argued with Facebook that the availability of the information invaded users' privacy. Brandon Copley, a mobile developer in Dallas, Texas, searched and downloaded 2.5 million entries of phone numbers from the social network.

He says many of these entries are empty, as they are either not active numbers or not connected to a Facebook user with public settings.

He did note that thousands of entries did match a phone number with the name of a Facebook user.

Facebook said data exposure came about because of the way it handled uploaded contact lists and address books.

Typically, it said, it analysed the names and contact details on those lists so it could make friend recommendations and put people in touch with those they knew.

The bug meant some of the information Facebook generated during that process was stored alongside the uploaded contact lists and address books. That meant when someone downloaded their profile, the extra data had travelled with it, letting people see contact details that had not been explicitly shared with them.

An investigation into the bug showed contact details were inadvertently shared in that way. Despite that, Facebook said the practical impact had been small because information was most likely to have been shared with people who already knew the affected individuals.

Security analyst Graham Cluley criticised Facebook's release of the information just before the weekend and said the disclosure had been more about ''damage limitation'' than making sure the information reached as wide an audience as possible.

On another Facebook topic, its Instagram subsidiary has launched a video feature in what may be considered a big boost to its future.

Mackline is not a big user of Instagram but according to social media analytics site Topsy, the number of Vine videos shared on Twitter has dropped dramatically since Facebook launched videos on Instagram.

Facebook bought Instagram for $US1 billion ($NZ1.28 billion) in cash and stock in 2012 and Twitter acquired Vine for $US30 million in the same year.

Vine lets its nearly 20 million users share six-second videos and has grown increasingly popular since its launch in January.

The Topsy chart that maps shares on Twitter of Instagram photos and videos versus Vine videos shows the change is drastic. After reaching a peak of nearly 2.9 million shares on June 15, Vine shares on Twitter dropped sharply to 1.35 million - a more than a 50% fall - on June 21, just a day after Instagram video was launched.

It is a dog-eat-dog world in social media and it is no secret Facebook and Twitter are competing for the top position in the social sharing world.

It appears they are playing offence rather than defence, with Instagram moving quickly into Vine's video space and Vine encouraging Twitter users in an email to download Vine and granting an informative interview to the New York Times.



dene.mackenzie@odt.co.nz

Twitter:
@mackersline