Dec.af Sites:    Contacts Lenses Comparison | Funny Status | The Trailermash  | Craawler SEO & Website Spellchecker Tool | Image to Base 64 Tool

  • Our comprehensive guide to everything Facebook Chat related.
  • Images showing removal of Facebook's rounded corners reveal hidden new features.
  • Exposing the spam Facebook Pages with audiences of millions.

Private Facebook info accessible with a simple hack

Written by FBHiveD on . Posted in News, Privacy & Security


Update 1: Facebook have now fixed this exploit, and have also ask we remove the pictures of proof below. We’re going to comply with their request, but expect a follow up story shortly on how we did it.

Update 2: Watch our video on just how we did it.

Facebook has long touted their privacy settings as being highly customizable and secure, so you can be more open and comfortable about sharing information with just the people you choose, but what about when you want protection for your identity, does it really work? And how would you feel if that information was accessible to anyone, anywhere, even if your account was COMPLETELY hidden?

FBHive, for our premiere feature article, is first to break this story.

In June 2007, The Register reported that Facebook Search could be utilized to sniff out private information. This is similar to what we have achieved, only our process is much more simplified and specific. With a simple hack, everything listed in a person’s “Basic Information” section can be viewed, no matter what their privacy settings are. This information includes networks, sex, birthday, hometown, siblings, parents, relationship status, interested in, looking for, political views and religious views.

We have already reported this bug to Facebook on June 7th 2009, through multiple avenues, but it has received little attention. Hopefully this incites a little more action from them.

So I suppose you want proof, right? First up, Facebook Founder and CEO, Mark Zuckerberg:

I can hear you already: “All that information is public knowledge. Anyone could fake that.”
Okay, how about… Founder of Digg, co-host of Diggnation and all-round cool guy, Kevin Rose?

Still not enough? Okay, one more. Co-editor of Boing Boing and famous blogger, Cory Doctorow:

According to Wikipedia he’s been happily married since October 2008. His Facebook profile only says he’s engaged.

If you still don’t believe us, feel free to leave a link to your Facebook profile in the comments and we will gladly tell you a little bit about yourself that you thought only your friends could see. (Edit: Since TechCrunch has now confirmed our exploit as real, we will no longer be offering further proof for individuals.)

We are not malicious hackers by any means, and our skills are far from advanced. We here at FBHive are fans of Facebook, but when a security hole as big as this is discovered and brought to their attention, it shouldn’t take 15 days to fix.

We can confirm that as of June 22, this hack is still working. In the next few days, we will be posting a follow-up article that details how we did it.

Tags:

Comments (52)

  • ???????????

    |

    Hi there to every body, it’s my first pay a quick visit of this blog; this
    weblog includes awesome and in fact fine material for
    visitors.

    Reply

  • click here

    |

    Do you mind if I quote a couple of your articles as long as I provide credit and sources back to your site?
    My blog is in the very same niche as yours and my visitors
    would truly benefit from some of the information you provide
    here. Please let me know if this okay with you. Cheers!

    Reply

Leave a comment