Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy Social Networks Your Rights Online

Open Source Utilities For Facebook Privacy 154

dward90 writes "Two online projects will scan and edit Facebook privacy settings for maximum protection: ReclaimPrivacy (reclaimprivacy.org) and SaveFace (untangle.com). The article says: 'Several new applications have launched this week that are designed to easily reset a Facebook member's privacy settings, following new changes from the company that make a sizable chunk of profile content public by default when it was once kept under lock and key.'"
This discussion has been archived. No new comments can be posted.

Open Source Utilities For Facebook Privacy

Comments Filter:
  • Is It Just Me ... (Score:5, Interesting)

    by WrongSizeGlass ( 838941 ) on Tuesday May 18, 2010 @12:02PM (#32254712)
    ... or is it just a bad idea to be able to change privacy settings via Facebook's API? Couldn't some other site/service "open the flood gates" instead of locking them down?
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Just about everything about Web 2.0 sites is a bad idea.

      The privacy problems are well known.

      The general stupidity of the users is well known (and often exploited by both the sites themselves and others).

      The technology the sites use is often shitty (NoSQL, mainly).

      Web 2.0 sites are about doing things as wrong as possible, but becoming popular thanks to the stupidity of people as a whole.

      • What is so wrong with not using SQL? Even if you do use relational databases, SQL as such should have been replaced by a proper relational query language ages ago.
        • Re: (Score:2, Informative)

          by Anonymous Coward

          Is that a serious question?

          Relational databases can do anything and everything that any NoSQL "database" can do. But unlike NoSQL "databases", relational databases don't go randomly losing data, don't go corrupting data, allow for proper normalization, allow for much better performance, allow for transactions, and in general are always a much better idea.

          The only reasons people gravitate to NoSQL databases and architectures are:
          1) They're ignorant of how to properly use a relational database.
          2) They're doin

          • In other news, YHBT. HAND.

          • I'm not talking about non-relational databases, I'm talking about relational databases not using SQL. You can't query a true relational database using SQL, simply because SQL does not support constructs that a true relational database should, and on the other hand, SQL does things that don't belong to the relational model. And BTW, SQL isn't 40 years old.
            • SQL was developed in the early 1970's . So that's exactly 40 years old.
              I know , time flies by quickly.

              Not sure what you mean by "constructs that a true relational database should support" though .

      • Re: (Score:3, Insightful)

        The technology the sites use is often shitty

        Says the guy posting in a site written in Perl.

        • by bami ( 1376931 )

          You're putting the emphasis wrong.

          "Says the guy posting in a site written by complete idiots with no understanding of usability"

        • Says the guy posting in a site written in Perl.

          Not just the site, some of the editors are Perl scripts too.

    • Re:Is It Just Me ... (Score:4, Informative)

      by 0100010001010011 ( 652467 ) on Tuesday May 18, 2010 @12:18PM (#32254964)

      You can't. And neither of these tools do.

      You have to drag them from their website to your toolbar. Go to facebook, click on them. The javascript scrapes the website and either validates the settings (reclaim) or just sets everything to 'friends only' (save face).

      I've tested both and they seem to work just fine.

      I bet facebook releases a change in the html to break the scraper soon though.

      • RECLAIM doesn't seem to work. It tells me I have vulnerabilities, but when I click "fix" it doesn't fix the problems.

        SAVEFACE - I'm not sure. It does something, but whether or not it actually worked is a mystery.

        • Re: (Score:3, Informative)

          by Pvt_Ryan ( 1102363 )
          I ran them in the following order:

          reclaim
          saveface
          reclaim

          on the 2nd run recalim reported everything as "good"
          • Re: (Score:3, Informative)

            Ditto. It appears reclaim didn't really change my settings (hence why it still showed red). Saveface did all the work.

        • RECLAIM doesn't seem to work. It tells me I have vulnerabilities, but when I click "fix" it doesn't fix the problems.

          Same here. The underlined link did bring up the right page and I unchecked the right boxes. Then it verified the change correctly.

      • You're missing the point... if any app can update your privacy setting, it is trivially easy for a trojan such as a game to update your settings as well.
        • Re: (Score:3, Informative)

          And it couldn't before? Any trojan could go and change your settings for any website that you're currently logged into. It's not like this is something new with facebook.

          Heck, the fundamental way they work is the entire idea behind GreaseMonkey & UserScripts (for Chrome/Opera)

    • Re: (Score:2, Funny)

      by facebook ( 1249112 )
      It's a good idea, just trust me. Most of you dumb fucks already have.
    • How much difference does changing the settings actually make? The words "stable", "door" and "bolted" spring to mind.

  • by AnonymousClown ( 1788472 ) on Tuesday May 18, 2010 @12:06PM (#32254760)
    Before creating a facebook account, please consider this:
    • Facebook must exploit your personal info in order to make the mega bucks that they've grown used to.
    • A Facebook page may make you unemployable.
    • All Facebook privacy safeguards will be circumvented.
    • by Abstrackt ( 609015 ) on Tuesday May 18, 2010 @12:16PM (#32254928)

      A Facebook page may make you unemployable.

      This one thing from an otherwise good post really bugged me. You may make yourself unemployable by posting things you shouldn't in public because despite Facebook's atrocious privacy policy they can only work with data you give them.

      • by dcmoebius ( 1527443 ) on Tuesday May 18, 2010 @12:23PM (#32255046)

        they can only work with data you give them.

        Not true, actually. They can also work with the information your "friends" give them.

        • Re: (Score:3, Insightful)

          by Animaether ( 411575 )

          At which point it doesn't matter whether you, yourself, are on Facebook - as long as that 'friend' puts your name in an entry, you could be flagged in such an internet query. I.e. if you're laying face-down in vomit with a half-empty bottle of Absolut in your hands, it doesn't really matter whether that somebody 'tags' that photo with the 'friend' account 'dcm' or simply jots down 'lol dcm after a FUN night out!'

          • by icebraining ( 1313345 ) on Tuesday May 18, 2010 @12:46PM (#32255378) Homepage

            In fact, it's the reverse: being on Facebook is better because it alerts you when people tag you, so you can ask them to take it down/edit it; if you aren't registered you probably will never know until it bites you.

            • Insidious, ain't it? The only way to see if someone's posted Photoshopped naked pics of you in Facebook is to be on Facebook.

              I liked Web 1.0 better, where Photoshopping people on nude bodies was only done to celebrities, who had decided to give up all their privacy in their choice of career, for considerable fringe benefits. That or banished to some obscure part of the Internet.

              Web 2.0 is all the disadvantage of celebrity, with none of the benefits.

              --
              Toro

        • by syousef ( 465911 )

          they can only work with data you give them.

          Not true, actually. They can also work with the information your "friends" give them.

          Here's a thought. Don't get yourself photographed doing crazy illegal shit. Hell another thought don't do crazy illegal shit. If you're letting your friends photograph you smoking pot, having sex with hookers, putting graffiti on public walls etc. YOU are making you unemployable.

        • by smash ( 1351 )
          Actually, they can only work with the information you give your "friends" to post. Don't want to be pictured face down in a pool of vomit? Don't do it in public? :D
      • by nacturation ( 646836 ) * <nacturation&gmail,com> on Tuesday May 18, 2010 @12:29PM (#32255144) Journal

        A Facebook page may make you unemployable.

        This one thing from an otherwise good post really bugged me. You may make yourself unemployable by posting things you shouldn't in public because despite Facebook's atrocious privacy policy they can only work with data you give them.

        "Damn Abstrackt, you sure had a fun time with those hookers last night. I can't believe they happened to have marijuana on them... you sure went to town on that bong! [pic attached] I'll be on IRC tomorrow... you've gotta tell me all about that Windows bug you exploited to crack into that .mil site." -- written on your wall

      • > You may make yourself unemployable by posting things you shouldn't in
        > public because despite Facebook's atrocious privacy policy they can only
        > work with data you give them.

        I mostly agree. There's nothing wrong with using Facespace or any other free, ad-supported service as long as you understand that anything you put there might become public (or be lost in a crash or be deleted when the service is discontinued). As to their privacy policy, well, hell. They have no contract with you (nor you

      • You may make yourself unemployable by posting things you shouldn't in public {...} they can only work with data you give them.

        Or, some idiot might post un-appropriated stuff about you.
        In fact, you don't even *need* to have a facebook account to get embarrassed by people you made the mistake to consider as friends.

      • I disagree. (Score:3, Informative)

        Many employers and definitely for security clearances will look at your page and all of your friends. Guilt by association.

        See here under "Yes, Facebook can get you fired." [wsj.com]

        Mr. Fulmer and his wife made fun of a local church sermon in a podcast they posted online in 2005. Mr. Fulmer says it got so much attention, his boss listened to it, thought it was offensive and fired him.

        The thing is, sharing things about yourself can be objectionable to an employer - and you don't know what they could be.

        What may be completely harmless or even your God given right to say or do, may make you unhirable for an employer or even fired. Against the law in some cases - prove it. They can always find a legitimate and legal exc

        • Re: (Score:3, Insightful)

          by BobMcD ( 601576 )

          The article you linked says that 27% of orgs have a policy and that 2% of them have actually fired someone over things like this.

          It seems to me having an objectionable Facebook page might be an asset. It would definitely keep you away from employers who do not understand that you're there to earn a paycheck, and then you go home. Now if you're the sort that actually wants to be micromanaged without pay, heed the advice, but for the normal among us, maybe it isn't such a big deal. Take this:

          That happened to a friend of mine. She was out with friends and wasn't drinking. Someone passed her shots to pass down the table. Of course, someone was taking pictures and guess what? Yep, the picture of her with the two shots got on her friends Facebook page. She had a Facebook page too which was linked to her friends .... Oy!

          Maybe you want

      • by Hognoxious ( 631665 ) on Tuesday May 18, 2010 @01:11PM (#32255712) Homepage Journal

        You may make yourself unemployable by posting things you shouldn't in public because despite Facebook's atrocious privacy policy they can only work with data you give them.

        Gibberish. I could post a picture of two drunken idiots dancing naked in the street on my page - and tag one of them as you.

      • by SatanicPuppy ( 611928 ) * <Satanicpuppy@nosPAm.gmail.com> on Tuesday May 18, 2010 @02:14PM (#32256536) Journal

        I was in an amusing job interview the other day:

        Interviewer: "So, I'll need to see your Facebook page"
        Me: "I don't have one."
        Interviewer: "I know it's probably not something that you want all employers to see , but we're not 'narcs', we just want to know if you're a 'culture' fit."
        Me: "No, really. I don't have one. I never understood the draw."
        Interviewer: "You know, this is really not the sort of attitude we look for in a potential hire."
        Me: "...If you Google my name, you get one hit, and it's not Facebook."
        Interviewer: "I'm not going to show anyone."

        Damned if you do, damned if you don't.

        • by budcub ( 92165 )

          If anyone ever asked me in a job interview to show them my facebook page, I'd laugh out loud. If they persisted, I'd tell them to kiss my ass and go to hell. I'm not kidding.

      • by dbIII ( 701233 )
        Yes but people do that sort of stuff all the time (eg. the "drunken pirate" teacher fired over an innocent costume party photo) and annoying HR types use that as an excuse to play with facebook all day instead of doing any work.
    • by hitmark ( 640295 )

      Facebook must exploit your personal info in order to make the mega bucks that they've grown used to.

      maybe grows used to, but that do not mean entitled to. If i grow used to getting $1000000 onto my account each month, and then it stops, am i then entitled to having that start again?

    • by LWATCDR ( 28044 )

      What always shocked me is that anybody ever thought that data you posted on a social networking site was private to begin with?
      Really?
      Of course there will always be the problem of someone tagging you in a photo where you are making an ass of yourself but then it has always been wise to avoid making an ass of one's self in public.

    • Before creating a Facebook account, please consider this:

      Everything that you put into Facebook is public. If you don't want people to know, don't post it.

    • A Facebook page may make you unemployable

      Seriously, if some dumbarse business won't employ you because they found something on your Facebook page, they would be a god-awful place to work anyway. There will be plenty of better employers out there who will employ you no matter what's on your page, and they will be far more pleasant places to work.

  • Copy (Score:3, Insightful)

    by mehrotra.akash ( 1539473 ) on Tuesday May 18, 2010 @12:07PM (#32254774)

    What prevents these apps from keeping a copy of the info in their databases before changing the settings?

    • Re: (Score:2, Informative)

      by Anonymous Coward

      The fact that they are open source and you can view the code before you run it? If you're not comfortable with it, don't use it.

      • Re: (Score:3, Insightful)

        Considering that many of the people who need to use an app to change their privacy settings and are on facebook will not be able to understand code.
        Example: so many people grant full profile access to apps just to view a video(and that app just spams the wall of their friends)

        • Re: (Score:3, Interesting)

          But with the source code available people who do understand code can analyze the code for just such a thing. We don't need to have everyone understand how the code works we just need some that find any flaws that then help spread the word to everybody else.
          • We don't need to have everyone understand how the code works we just need some that find any flaws that then help spread the word to everybody else

            There is no guarantee that that has happened, is there? With a small project that apparently has, at this time, one developer? I have not read anyone that has reviewed the current codebase and told me that nothing bad is in there.

            • by Myopic ( 18616 )

              There doesn't need to be a guarantee. There only needs to be sufficient basis for trust. Your interlocutors are claiming that, for them, there is sufficient basis for trust. You can make your own decision.

              • My argument is that the framework is there for trust, but simply being open source doesn't automatically mean it is trustworthy in its current form (i.e., current code).

                In other words: it's open for review, but that does not mean that someone has reviewed it.

                (that said, I would tend to trust an open-source one more than closed-source with no external review, simply because the open-source one is openly inviting review at any time... if that is your point, then I agree :))

                • by fbjon ( 692006 )
                  Oh just look for yourself. [reclaimprivacy.org] But to ease your pain, I already looked through the relevant code (I'm assuming the jQuery code is fine), and found nothing sinister. It's less than 1000 LOC, well-formatted, and half of it is just CSS.
    • by blueg3 ( 192743 )

      For Reclaim, at least, your data doesn't go through their servers. It's a bookmarklet that causes JavaScript to be executed. The JavaScript file can be downloaded and reviewed, and you could even change the bookmarklet to run your local, reviewed copy instead of the one from their server. It doesn't appear to communicate with anyone but facebook.com.

  • by Anonymous Coward

    They run javascript on the facebook page, can they be used to steal my facebook password?

  • I've noticed recently that many non-facebook accounts (cnnmoney.com for example) know about my facebook account. Usually I see a link/graphic at the bottom of the page that says "click to 'like' this" or something similar.

    Anybody know how to keep these third party sites from knowing about your facebook account?

    • by mehrotra.akash ( 1539473 ) on Tuesday May 18, 2010 @12:11PM (#32254826)

      Account->privacy settings->Apps and websites Disable "Instant Personalization Pilot Program"

      • by TimmyDee ( 713324 ) on Tuesday May 18, 2010 @12:18PM (#32254974) Homepage Journal

        I wish it were that easy. I have the "Instant Personalization Pilot Program" disabled on my account, but FB Connect popped up on CNN Money this morning.

        What did I do? I specifically blocked any URL containing "fbconnect". Problem solved. OmniWeb let me do this using RegEx, but I'm sure the same can be done with AdBlock.

        • Re: (Score:3, Informative)

          My mistake, that is only for 2-3 sites that use your FB id to store profile settings

          However, the other sites seem to be taking the data with explicit permission from FB. See http://www.microsoftteched.in/ [microsoftteched.in]
          On the bottom right there is a FB app click on the privacy button in it, there is a 4-5 page long document, but since it is on facebook.com, I assume that it is only for selected partners, so it should be as safe as your data is on FB itself

          • by mcb ( 5109 )

            The CNN issue really bothered me. From my research, you can also prevent it by disabling third party cookies.

            In Firefox it's in Tools->Options->Privacy->Use custom Settings for history

        • Here [slashdot.org] is a very helpful post from a few weeks back. Easy enough to set up Adblock to block all that stuff out.

          Alternatively, if you log out of Facebook after use, most of this stuff doesn't show up. However, that doesn't block all the Facebook content on third party websites according to some.

          The Adblock solution seems to be 100% effective for me.

          • Re: (Score:3, Informative)

            by Locklin ( 1074657 )
            For privoxy, I added the following to my user.action file:

            { +block{Facebook privacy invasions} }
            http://api.facebook.com/restserver.php
            http://www.facebook.com/connect.php/js/FB.SharePro/
            http://www.facebook.com/ajax/connect/
            http://www.facebook.com/plugins/
            http://www.facebook.com/connect/
            http://connect.facebook.net/

            and saved.
        • You can, Lifehacker just posted this article about doing that today:

          http://lifehacker.com/5542041/block-sites-from-using-your-facebook-login-with-adblock-plus
      • I've always had that disabled, but it still shows up on cnnmoney.

    • Re: (Score:2, Funny)

      by Anonymous Coward
      You should sprinkle a lot of obscenities, pornographic pictures, and the most distastful things that you can find on your facebook pages. It will insure that other sites cannot use your information without losing their "safe for work" designations.
  • by Anonymous Coward

    And that, my liege, is how we know the Web to be banana-shaped.

    This new learning amazes me, Sir Zuckerberg. Explain again how a series of tubes may be employed to eliminate privacy.

    Oh, certainly, sir.

    Look, my liege!

    [trumpets]

    Facebook!
    Facebook!
    Facebook!

    It's only a website.

    Shhh!

    Friends, I bid you welcome to your new home. Let us ride... to Facebook.

    [singing]

    We're Friends of the round table
    We Poke when e're we're able
    We do Farmville and play Mob Wars
    With mousework impecc-able
    We lurk around on Facebook
    We tag an

    • Zuck: Yeah so if you ever need info about anyone at Harvard
      Zuck: Just ask.
      Zuck: I have over 4,000 emails, pictures, addresses, SNS
      [Redacted]: What? How'd you manage that one?
      Zuck: People just submitted it.
      Zuck: I don't know why.
      Zuck: They "trust me"
      Zuck: Dumb f***s.

      I usually mask out dirty words too, but if you're quoting someone directly, and are doing so to make a point, altering their words doesn't help.
      Zuckerberg, in that last exchange, called all Harvard Facebook patrons...

      Dumb fucks.

    • by himself ( 66589 )

      (Cue raucous applause, pounding on tables, wolf whistles, and shouts of "bravo!" and "huzzah!")

  • Looking forward (Score:5, Insightful)

    by Spad ( 470073 ) <slashdot@ s p a d . co.uk> on Tuesday May 18, 2010 @12:16PM (#32254922) Homepage

    Cue an endless series of phishing sites: "Did you know that anyone on the internet can see things you post on your Facebook page? Just type in your username and password and we'll scan your profile to see if it's secure..."

    • No it's even better. "Just drag this bookmarklet and click - it's totally safe!". Why do the Reclaim folks claim this is somehow better when it's clearly not? Their script is not only compiled (ie, pita to read) but could change at any moment or even change by IP address!
      • Re:Looking forward (Score:4, Informative)

        by fbjon ( 692006 ) on Tuesday May 18, 2010 @05:49PM (#32258996) Homepage Journal
        They claim that because they're right. Here's the entire code for the bookmarklet, with some formatting inserted:

        javascript:(
        function(){
        var script = document.createElement('script');
        script.src = 'http://static.reclaimprivacy.org/javascripts/privacyscanner.js';
        document.getElementsByTagName('head')[0].appendChild(script);
        }
        )()

        And the script itself [reclaimprivacy.org] is nicely formatted. Look towards the end for the actual code that matters. Have fun.

  • by UncHellMatt ( 790153 ) on Tuesday May 18, 2010 @12:16PM (#32254940)
    I work in IT for a small police department, and recently have begun doing presentations for parents on Facebook and general online privacy, what steps can be taken and how to watch out for warning signs of problems. I'd say at least half the parents I talk to are completely unaware of what information is freely available online about their kids, if allowed to use such a site, or how much information their kids are making available online.

    It only takes about 20 minutes to educate a neophyte, if they're willing to learn, how to lock down privacy on Facebook.... He said with a pained expression. One thing which never ceases to boggle my mind is the number of parents (and people in general) who really don't understand and don't CARE what information is out there, or what it can mean. ID theft, home intrusion, stalking, all that pretty much is "someone else's problem", producing enough SEP power to cloak an average sized nation.

    While products like this are certainly useful, the bigger issue is education. If you're aware of the changes to FB and the like, setting security takes all of a minute. If you're unaware and someone tells you, and if you're not particularly inclined toward looking over security settings, it might take someone 10-20 minutes to go over them with you. If you just plain don't care, no amount of open or closed source software is going to make any difference whatsoever.
    • What is SEP Power?

    • It only takes about 20 minutes to educate a neophyte, if they're willing to learn

      Ummm, stop. I see the problem, right there.

    • by Mashiki ( 184564 )

      We do something similar via the RCMP and MP's from the military and RAD [rcmp-grc.gc.ca] here in Canada, but it's aimed for kids and takes 7mins. If you're interested look up, but 20mins is far too long. If you can do it in under 10 and make it easy enough a grade schooler can figure it out then you're all set.

      • Hey, thanks for this! I'm googling it now.

        And yes, 7min for kids... "easy enough for a grade schooler" to figure out doesn't translate into easy enough for (unfortunately) many adults. Particularly ones who are in there hoping that I'll have some magic wand that'll take away all their problems surrounding FB and maybe do their parenting for them.
    • Re: (Score:3, Interesting)

      by Culture20 ( 968837 )

      It only takes about 20 minutes to educate a neophyte, if they're willing to learn, how to lock down privacy on Facebook....

      Until Facebook changes it again. Two years ago, I had everything locked down to friends only. Since that time, they've forced profile picture, current city, home town, likes/interests, work history, education history (and approximate age by proxy), to be public. There are still options to prevent non-friends from seeing some of those things via Facebook, but the Facebook Connections API allows anyone on the internet access to all those things for every user (further confusing the issue, because people are

      • Sorry for replying to self: I forgot about a couple forced public changes: Networks, Friend list (but only if you have a friend list on your profile).
  • Facebook is the world's worst gossip. You tell them anything, they will tell it to every one of your friends, their friends (marketers), and probably anyone else who so much as passes by.

    All these tools essentially do is add a "and please don't tell anyone" onto your data entries. The real solution is not to tell the gossip anything in the first place.

    • That's why most of my facebook is blank. I listed my High School and College so I could reconnect with friends, and that's it. And from time to time I go through my profile and delete 90% of my older, obsolete postings.

    • The real solution is not to tell the gossip anything in the first place.

      Pft. You and your common sense may go elsewhere. What I want is to be able to tell anyone I want anything AND force them to be quiet and not tell others! ...

      Seriously though, you're right - but it seems that most people would rather gossip and take the risk than have to live without. And only when they "get burned" do people suddenly find out that their privacy is important, perhaps more important than the gossip-entertainment. And Farmville.

      • by Myopic ( 18616 )

        That sounds like the market (the privacy market) at work. Some people take too much risk and get burned; some take not enough, and lose out on certain benefits.

        Please note that I am not a market ideologue, I just wanted to comment on how this instance seems to be working out.

        • Hum. That's a good point, I hadn't thought of it that way before.

          In general, I don't think FB is doing anything wrong necessarily. I don't know all of what their doing, of course. And, in general, privacy settings are your own things to choose, and you agree to various terms. Everyone just checks the I Accept box, clicks submit, and then complains when something they accepted happens :)

          Anyways. Interesting thought about the "privacy market."

  • by Anonymous Coward

    SaveFace automatically goes through and sets your privacy to "Only Friends" for everything. This may undo certain privacy measures you've already taken. For example, I set up a Limited Profile friend list for people who don't need to have access to my e-mail addresses, screen names, etc and blocked those items for them. SaveFace went through and removed those restrictions, so any of my friends could see my e-mail addresses, screen names, phone number, etc.

    This tool would work fine if everyone on your friend

  • Is it really so hard to simply go through Facebook's privacy settings yourself and consciously set them to whatever you want (as far as that's possible)? Same with all these warnings people pass around through status updates. I keep seeing suggestions to the effect of "click this, then that, then that, then 'wet your pants in public', then 'no'" only to find that I've already done that anyway. If you're really concerned about your Facebook privacy, what's been keeping you from checking out the relevant opti
    • Re: (Score:3, Insightful)

      by Todd Knarr ( 15451 )

      It's not hard, just involved and convoluted. Facebook's settings are many, and some of them aren't in the obvious places. These tools make it easy to do what's time-consuming to do by hand.

      • I see your point. I think I'd just start worrying about my grasp of the tools' "reach" and trustworthiness in addition to worrying about Facebook's admittedly huge "options hierarchy".
    • by Aladrin ( 926209 )

      When they change every month and you have no idea what changed? Yes, it's really that hard.

      I was 99% sure I was covered before I ran ReclaimPrivacy the other day. It found 3 sections that had data that was more open than I intended.

    • Re: (Score:3, Informative)

      Is it really so hard to simply go through Facebook's privacy settings yourself and consciously set them to whatever you want (as far as that's possible)?

      Yes, it really is "so hard". Intentionally so. Take a look at this NY Times graphic [nytimes.com] showing all the privacy settings options that exist throughout a Facebook profile. (Or, at least, the options the NY Times was able to find.) You can see that the options behave in inconsistent ways. You can set "maximum privacy" on one page without realizing that an option at a different level over-rides this (e.g. third-party ads may still have access).

      To really insure maximum privacy, you not only have to navigate this

      • On the one hand, I do think it's good that people in general are becoming more aware of privacy issues, and this article is a symptom of that.

        On the other hand, I wonder if external tools aren't just catering to or perpetuating a sense of helplessness in the face of Facebook's (certainly convoluted) settings: "Oh, you can't trust yourself to understand how to do it right, you need this third-party utility to be safe."

        But I guess I'm not really trying to make sense of the settings either. I just go thr
  • by johndoe42 ( 179131 ) on Tuesday May 18, 2010 @12:53PM (#32255482)

    Even if you turn off instant personalization, facebook still knows every time you visit one of those partner sites. But NoScript (I leave scripts enabled globally) has a cute feature called Application Boundary Enforcer. Here's (some of) my config:

    Site .facebook.com
    Accept from .facebook.com
    Deny

    Site .fbcdn.net
    Accept from .facebook.com
    Accept from .fbcdn.net
    Deny

    Enjoy!

  • Using the ReclaimPrivacy page worked great, made appropriate suggestions and allowed me to one-click fix select privacy settings. After running my profile through the SaveFace tool, however, it actually loosened my privacy settings automatically (changed some things which were set as "Only Me" to "Friends Only"), and did so without allowing me to interact and with no prompt telling me what it was doing in advance, with no way to stop it.
  • It doesn't finish the scan for some reason - hangs on "scanning". Might be just me, might be FireFox which is damned goofy and crashes often for me, or it may be Fluff Busting Purity (which kills the animal and Mafia postings etc. via Greasemonkey). Other than it hanging on those two things it does look to be the better tool in that it examines settings and warns vs setting them to whatever the other tool thought was most appropriate when it was written.

    A very nice concept though!

  • Instead of using facebook's privacy settings which they can arbitrarily ignore as they see fit at any point in the future, I say be proactive.

    1) Create social-group specific facebook accounts - one for high-school, another for college, another for people you meet professionally, another for hook-ups, etc.
    2) Use different browser profiles dedicated to each facebook account - see firefox's command line options " -no-remote -ProfileManager "
    3) Add plugins to differentiate the profiles - "User Agent Switcher" t

    • by dave562 ( 969951 )

      You should turn that into a PowerPoint presentation and sell it to the CIA as a training program for agents looking to cover their tracks.

"I got everybody to pay up front...then I blew up their planet." "Now why didn't I think of that?" -- Post Bros. Comics

Working...