In today’s article, Neal writes about the recent story where computer security analyst Ron Bowes used code to scan the internet and gather details about 100 million Facebook users. The story highlights how easy it easy to compile information off social networks.
Facebook recently announced that it had reached 500 million users. That's pretty good news for a hobby started in college just a few years ago. But is it good news for Facebook users, especially when it comes to security and privacy?
On one side of the argument, the more users Facebook has, the more information it has to protect. And the more attractive it will be to hackers and scammers. On the other side, it could be argued that the herd effect — being able to hide amongst millions of other users — makes it less likely that you're going to be the unlucky FB user to be picked on. Or picked off.
If you chose argument number 2, sorry, but you lose. Being one of millions of Facebook users will probably make you more vulnerable, and not less. The bigger Facebook becomes, the more hackers will invest in trying to "own" that data, and that data is you.
So as Facebook continues to grow, and people like you continue to add more personal information, hackers will work even harder to steal you. And one of the most powerful tools in their pretty vast arsenal is a web crawler, also known as a web spider or bot.
Web crawlers are fairly simple software programs designed to target either specific web sites, or the entire web, and automatically search, steal and organize all the information that's publicly available on those sites. Even if you didn't know it was publicly available.
These scripts work automatically and relentlessly in not only gathering personal information from web sites like Facebook, but sorting it all out and piecing it all together so that the hacker quickly knows more about you than you know about yourself.
A Web crawler was the tool recently used by a security expert to capture the personal data of more than 100 million Facebook users, including things like names, email addresses, photos, and the urls of their Facebook pages.
He then compiled all the scraped information into a single file, and posted it online for anyone to download. And so far more than 10,000 people have tried to download that file, and you can bet that most of these have nothing but bad plans for that data.
The "crawler" tool he used is not unusual, especially in the world of hacking. A few years ago I came across a tool designed to crawl specifically through ancestry sites and University alumni sites looking for valuable family histories that would help fill in the critical missing pieces (like mother's maiden name) of other records compiled by hackers.
The bottom line? When it comes to the internet, and Facebook in particular, there's no safety in numbers. Crawlers work like trawlers and can easily scoop up your personal information along with that of thousands or even millions of others with very little effort or investment.
And you'll never feel a thing until the thieves start using that information against you.