41% of Facebook Users Willing To Divulge Personal Info 157
plastick writes "In an experiment, 41% of Facebook users were willing to divulge highly personal information to a complete stranger. This according to IT security firm Sophos, which invited 200 randomly selected Facebookers to befriend a bogus Facebook user named 'Freddi Staur' (an anagram of 'ID Fraudster'). Of those queried, 87 responded to the invitation, among them 82 people whose profiles included personal information such as their email address, date of birth, address or phone number."
Again? (Score:5, Insightful)
Re: (Score:1)
Agreed. I don't particularly like Facebook, but I use it with full knowledge that it is a public forum.
This isn't a Facebook issue - it's an issue of users not valuing the things that nerds - as a rule - value.
Re:Again? (Score:5, Informative)
Re: (Score:3)
samzenpus might have forgotten the "new" in "news for nerds"
good catch, sir.
Re: (Score:2)
I don't care much about the dupes or "summarised" headlines, but this is pure laziness and journalistic carelessness. Sorry, Slashdot folks; you guys missed the mark here.
Re: (Score:2)
Yet ANOTHER story about how many Facebook users are not particularly interested in hiding personal information. I mean. come on! This is some sort of News Flash? Is anyone unaware that Facebook is primarily a platform for sharing personal information?
Huh? I thought it was a farming simulator!
Re: (Score:1)
Re: (Score:2)
My name is 100% unique in this country (and likely the world), anybody who has my name has that info. I hardly feel concern.
There was a time almost every phone number and address was public (white pages), a birthday is hardly secret knowledge too, and really who the fuck cares about an e-mail address.
None of these things are meaningful.
Re: (Score:2)
Perhaps they are not meaningful to you. Personally, I pay to keep my telephone number *out* of the white pages, and divulge none of the other information to anyone other than my employer, my bank, some creditors, and a few real-life friends. I don't want *anyone* else to have it. I'm inclined to send nasty-grams to HR when they voluntarily give away my work email address to 'corporate perks' programs and 'employee health' organizations. I get almost zero personal spam but average five a day for my work
Re: (Score:2)
This is a case of society not catching up with technology, true names, phone numbers and addresses were always public, but could only be used at great cost and at best represented contact details for you rather than a map of your life. The cost to collect and use that information meant that an individual had some security through o
Re: (Score:2)
Change your name to John Smith. Problem solved.
Re: (Score:2)
Re: (Score:2)
Even if it wasn't....
How many people are willing to put that same information into a "reply" card at their favorite shopping mall in exchange for a minuscule chance at winning a timeshare vacation package?
Some information is just not seen by many as all that private, personal, or valuable. Deal with it.
Re: (Score:2)
Now, what could I do with that info? Well, the question is rather, what do I want to do?
Stalk and troll you? It would be too easy and trivial to use your phone number for prank calls and send you bags of dog barf by mail. Let's be creative!
Step one, find out where you hang out online. How? Google the ICQ number. People who're fond of handing out their ICQ number on FB certainly will also fill in the relevant field on various boards you frequent. Let's take a look around. Are you in some kind of heated discu
Re: (Score:2)
Messing with peoples' lives has never been easier.
Fortunately, assholes like you are a minority.
Re: (Score:2)
Before you tie your panties in a knot, that's not what I do in my spare time. Actually, I try to raise awareness in people that these things can and do happen if you spread around your private information. It just happens to hit home a lot more directly if you don't sugarcoat it, people react a lot more emotional (and hence remember it far better) if you manage to incite them. I guess I managed to pull that off nicely.
What people seem to forget is that it has become trivially easy to connect and tie informa
Was it real (Score:4, Insightful)
How much of that personal information was real and how much was made up?
Re: (Score:2, Informative)
Email: president@whitehouse.gov
Date of birth: 01/01/01
Address: 123 Fake St., Fakesville, ZZ
Phone: 666-HELL
Re: (Score:2)
I knew he wasn't born in the US. He's not even a resident!
Re: (Score:2)
Email: president@whitehouse.gov
Date of birth: 01/01/01
Address: 123 Fake St., Fakesville, ZZ
Phone: 666-HELL
Thanks, Mr. President, sir.
Now we can all run identity fraud!!11!
Re: (Score:2)
Good luck convincing anyone that Zanzibar is a US state.
Re: (Score:1)
Re: (Score:2)
Re:Was it real (Score:5, Funny)
I always use 1-1-1980, the date that BIOS used to reset to when the battery went flat on a motherboard.
Re: (Score:1)
You too? (Score:2)
Is your birthday also Jan 1, or did you pick a random date?
Re: (Score:2)
It's an arbitrary date - it could also be a random date, but it's not.
Re: (Score:2)
Re: (Score:2)
Don't worry, if you have account with TD Ameritrade, they'll take care of that for you.
Privacy would be a lot more meaningful if companies that lost personal information got more than a slap on the wrist. I made more or less all the right decisions, then my brokerage is bought out by those guys and all of a sudden I'm receiving personalized emails only requiring a credit card number to get generic v1@g4ra.
Re: (Score:2)
e-mail addresses aren't as useful for the bad guys for actually using, but they are incredibly useful as unique identifiers. Behind most e-mail accounts (except for sales@ and similar), there is usually exactly one person, whether it's used to send mail to or from. Googling (plus a couple of other tools) the e-mail address found at Facebook can often give a surprising amount of information, often quite different from the untruths on the Facebook page.
I remember one guy who claimed 5+ years expertise with
Re: (Score:2)
Strange thing is that I created an address on my server just for slashdot, but it started getting spam shortly after I configured my account to use it. I might have made a mistake and sent it to somebody but I am pretty sure I didn't.
Re: (Score:2)
I agree, god forbid if anyone should ever discover my email address. It's not like I post in on /. or usenet or anything.
The whole point of having an email address is for people to contact you.
If you have a good filter spam is a small price to pay for the massive convenience. I do protect my phone # allot more because I don't always want to be disturbed unless it's important. Email is patient and waits until I get to it.
Facebook ToS (Score:2)
Speaking of which, regarding these kinds of surveys, doesn't that violate the Facebook terms of service?
And doesn't Facebook ask you to "verify" your acount ("for your protection", of course), like Paypal, after a while?
If so, how did they (the researchers) get a credit cart for Freddi Staur?
Not only that, but with breaking ToS also being a felony according to certain crazy legal jurisdictions, I don't know if it's a great idea to be telegraphing this research far and wide (as opposed to just saying "users
Re: (Score:1)
Speaking of which, regarding these kinds of surveys, doesn't that violate the Facebook terms of service?
And doesn't Facebook ask you to "verify" your acount ("for your protection", of course), like Paypal, after a while?
If so, how did they (the researchers) get a credit cart for Freddi Staur?
Uh, last I checked I haven't ever given Facebook my credit card number.
Have you?
Re: (Score:2)
No, like much of Slashdot I don't use it.
But, according to this [allfacebook.com], Facebook does ask for your credit card. I don't know how widespread this is.
Of course, you can imagine how valuable having verified information on the product (you) will be to advertisers and investors like Goldman.
Re: (Score:2)
How much of that personal information was real and how much was made up?
Oh, all the data in my profile is real, it's just not correct. Having a plausible profile looks better than having one that's obviously fake, though I do have the odd person asking why my address is the same as the local police station.
Misleading Title (Score:5, Informative)
"Willing to Divulge to" makes it sound like some complete stranger went on facebook and asked "Hey, give me your email address, blood type and shoe size" and got an answer.
What it really is, is that people add friends pretty randomly and openly, and many don't secure their personal information very well. In the ideal case you would have various 'grades' of friends which determine permissions but
a) Nobody would bother using it
b) Facebook doesn't particularly care about privacy.
Anyhoo, we knew all of this earlier - so non-story.
Re: (Score:3)
"Willing to Divulge to" makes it sound like some complete stranger went on facebook and asked "Hey, give me your email address, blood type and shoe size" and got an answer.
Isn't that how it pretty much is? Or are you friends with Zuckerberg?
Re: (Score:3)
It also wrongly supposes that all of that information is necessarily private. My full name, address, phone number, e-mail address are already public whether I like it or not as part of working for the government and the information it makes available, as it does the government portion of my income.
I'm not 100% sure on my date of birth, so I wouldn't include that necessarily, but I'm pretty sure it's public too.
And I'm in ontario and make 22k a year as a grad student. People who make 100k a year have their
Re: (Score:2)
Facebook does have the capability to do grades. You can create groups, and set up permissions based on group membership. I do it with a couple of groups - mostly to segregate some information from friends I'm not that close to or who I know are computer illiterate and will get every possible virus.
Re: (Score:2)
makes it sound like some complete stranger went on facebook and asked "Hey, give me your email address, blood type and shoe size" and got an answer
There was a convincing scam for a great deal on some kickass bionic feet, so...
Re: (Score:1)
Ah, the Radio Shack interview. Are they still in business?
I asked strangers to friend me, and they did (Score:2)
I created a Facdebook page with deliberately misleading and contradictory information, and put on my Facebook page very clearly that this was designed to be misleading, just so Facebook wouldn't rely so much on its info to datamine. I asked a bunch of randomly selected total strangers to friend me on Facebook --and some did.
Well.. (Score:2)
Re: (Score:2)
Yes, but if those 200 people happen to be most of the Senate and the swing vote in the house, things can get real ugly, real quick.
This information isn't private (Score:4, Insightful)
personal information such as their email address, date of birth, address or phone number
I also have that information on my Facebook profile. It is available for ANYONE to see, including nonfriends.
I don't have a problem here - the problem lies with any bank who would consider that information to be "secret", and would allow someone to get a loan in my name with only that information.
Re: (Score:1)
Re: (Score:2)
Anyway... (Score:2)
Reading TFA I also conclude that
1. No indication how many of the 200 were active accounts or how they were chosen (there's a screenshot which to me suggests a clustering? 6 friends in london? What are the chances given the huge population of facebook users?)
2. They used a cartoon picture as a display image. If there was an uncertainty of whether you know this person, then the generic image wouldn't help either. If it was someone's real face you might get less people agreeing to friendship, probably.
Re: (Score:3)
Re: (Score:2)
However...
"Of those queried, 87 responded to the invitation"
So if those 6 are from the 87 which responded...
Gives a value of 7% which is higher than the 1-2% your calculations suggest.
Highly personal? (Score:4, Insightful)
Maybe they just don't consider things like that to be "highly personal". By default, most of that information is available by doing such mundane things as registering a domain name. I don't consider contact information to be "highly personal". Somebody younger than me who grew up with social networking is even less likely to.
Re: (Score:2)
I've long ago given up the concept of keeping my anonymous online. I know how to *go* anonymous, and protect myself where appropriate, but I do not do so in my day-to-day browser.
Being in Internet marketing, my name is my brand. It's just part of it.
Re: (Score:1)
Re: (Score:2)
Exactly! and those of us who are proud of who we are and what we do have absolutely nothing to fear.
Except pride.
Re: (Score:2)
Why would you fear pride?
Re: (Score:2)
Why would you fear pride?
Like sentiment, it has a way of compromising judgment.
Dignity has a different nature from pride and has none of its disadvantages. It's compatible with a humble outlook, primarily because it views others as essentially equal and deserving of the same respect as oneself.
For all I know, that very well could be what you meant all along.
Re: (Score:2)
Hmm. Well, I'm still around, after partaken in several of them.
Re: (Score:2)
Yeah, I'd agree. I wonder what the percentage of people are who divulge "highly personal" info to everyone in the country (and on the web) by allowing their phone number, name and postal address to be listed in the White Pages? Shocking isn't it?
Re: (Score:1)
Phone number and address? Public information in the phone book. Personally I don't have my address shared and my phone number is Google Voice that directs unknown numbers to voice mail, but that's just a preference really.
Date of birth? We hold parties, show our ID containing it to every bar tender that has some alcohol to offer, and for many people even if they don't list it, friends will still post happy birthday.
Email? Since when is that private? I trust facebook and my "friends" with it a lot more
i think.... (Score:1)
I wouldn't mind giving my info to him, he's cute (Score:4, Insightful)
just look: http://www.sophos.com/images/misc/freddi_frog.jpg [sophos.com]
Anyway, some issues:
A) Why such a small sample data? I mean, it shouldn't be hard to annoy 1000+ users instead of just 200.
B) Why aren't they talking about apps that access your information? I know you can disable them but, if you are willing to accept froggy here, I don't think you will.
The implications of the whole thing are hilarious:
Apparently, being poked by a Frog doesn't make you want to start a friendship. That could be a better title for the article.
http://www.sophos.com/pressoffice/news/articles/2007/08/facebook.html [sophos.com]
C) Next Survey: There's a pretty good chance that I'll waste valuable time with inconsequential Slashdot articles. But hey, It's good fun before going to sleep.
Re: (Score:2)
Re: (Score:2)
I have thought about this but came up with a possible solution.
Do not create one profile for 1000+ users but create 5 different profiles for 200 users each. The variety might even provide an opportunity to rectify wrong conclusions.
It's a valid point, nevertheless.
Re: (Score:2)
B) Contacting 1000 people is 5 times as much work as contacting 200, yet the accuracy goes down as 1/sqrt(n), so with 1000 people you only halve the statistical error of 200. To improve the numbers by an order of magnitude, you typically have to
Misleading Heading (Score:1)
It tells us that nearly all of the idiots on Facebook who are stupid enough to accept a friend invitation from a total stranger are ALS
Re: (Score:2)
Ergo, 41% of facebook users are really HUGE idiots!
The point of Facebook (Score:4, Interesting)
An experiment... (Score:3, Funny)
Re: (Score:1)
better than expected (Score:1)
Only 41%?
That's better than I would have expected.
Or as a republican would say, (Score:1)
the vast majority of people were not willing to divulge their private information.
A Better Headline (Score:4, Insightful)
Let's just hope none of them end up in missile silos.
Back in the day, IT used to be called IS (Score:2)
I suspect that very soon "social networking" will be rechristened "social engineering network".
I'm among them (Score:1)
This article is four years old. (Score:5, Informative)
whitepages.com (Score:1)
Simple answer: *ONLY* friend actual friends... (Score:2)
I only friend people that I have met in real life, and with whom I wish to continue to have a friendship with.
I have de-friended many old high-school friends after deciding that I didn't want to bother 'restarting' a friendship after a decade. I have refused to 'friend' people I knew in college, even Fraternity brothers, because I simply didn't know them well enough to consider friends.
Finally, my Facebook account *DOES* have my birthday public, but the only 'contact' information on there at all is a 'thro
Re: (Score:2)
Re: (Score:2)
I keep business associates off Facebook. That's what LinkedIn is for. :-P
And I suppose the friend part is valid as well. But my point still holds, they are people that you are ALREADY friends with, and wish to continue to be friends with. It's still a case of using Facebook to further existing friendships, not to create new ones from random people. Too much info generally available with no prior vetting. That's what Twitter is for. :-D
Well (Score:3, Insightful)
I do this twice a month. It's called seeing a therapist.
Re: (Score:2)
I do this every weekend at the local bar. Its called lying to some hot babe to get her into the sack.
Oh, did you mean accurate personal information?
You mean 82 people? (Score:2)
Well let's see (Score:2)
Re: (Score:2)
Re: (Score:2)
someone with below average intelligence CAN operate a computer to the point of using facebook
Yes, but when looking at the bell curve, someone with a 60- IQ can't, but a 140+ IQ can (whether they might or not is up for debate).
Re: (Score:2)
Facebook hypocrisy (Score:1)
Wait a sec....
How come facebook doesn't terminate this bogus account, Freddi Staur, yet they happily terminate an account of a journalist in China for penning articles under a pseudonym. AND, they do so under the premise of a company policy that accounts must be established under a real name!!!
See article here, http://cpj.org/internet/2011/03/michael-antis-exile-from-facebook-over-real-name-p.php
Very hypocritical on Facebook's part that they do not enforce their policies uniformly.
I find that odd (Score:1)
Highly personal? yeah right... (Score:2)
59% do it without being aware (Score:1)
"highly personal information" (Score:1)
Stuff like date of birth and address might be "highly personal", but it's not exactly confidential. The information is available from public records.
maybe (Score:2)
Actually... (Score:3)
I'm really getting tired of everyone complaining about Facebook not respecting users' privacy -- the whole point of the platform is to make information public. I have a Facebook page. I find it to be tremendously useful to me, but I don't ever put anything on there that I do not want publicly available.
headline incorrect? (Score:3)
Happy Birthday (Score:2, Interesting)
Pretty much all of my friends have their birthday public.
I don't know about other countries, but in Canada that is very dangerous. It has been repeatedly shown with just your full name and birthday a fraudster can get just about any document they want issued.
Step 1: Ask government to reissue birth certificate.
Step 2: Use birth certificate to get SIN reissued.
Step 3: Use birth certificate and SIN to get drivers license reissued. (now featuring their picture, not yours)
Step 4: Take out multiple credit cards i
DOB/address is serious, others, not really. (Score:2)
All things are not equal:
email address, date of birth, address or phone number
So if I divulged "mythrowawayaddress@hotmail.com" I'm sharing highly personal information? How do you determine if an email is actually "highly personal?" Even if it's an ISP hosted address it could be a throwaway, and leads nowhere but a server. To a lesser extent, same goes for a phone number. Some people actually chuck a pre-paid in the garbage on a regular basis, you know. It's easy to have a throwaway phone number.
What qualifies as "highly personal" shouldn't be based on a stan
bullshit. 100% of facebook users share data (Score:2)
facebook business plan expects every user to share data, and no matter what they do to address privacy concerns, facebook's prime directive has nothing to do with protecting users' personal information. simply by joining facebook, you're agreeing to allow facebook and their advertisers to use your information. all facebook users are affected, not a tiny percentage.
Most don't realize phone/address info is shared (Score:2)
It seems to me that most people using Facebook don't know that their phone and address info is shared w/ their "friends". I'm pretty paranoid about that stuff and didn't know until I stumbled on the address book feature which wasn't too obvious on a computer be easy to find on the iphone/pod app.
Luckily for me I never put that kind of info in there anyway and had already gone through the security settings to turn off sharing of most things and made my profile private to non-friends.
Re: (Score:3)
I don't use facebook, the but implications of any particular setting are changing rapidly, I can't blame people for not understanding the settings. I can however blame them for being associated with that site, the one which feels the need to stalk random people on the net with their accursed like buttons.