Become a fan of Slashdot on Facebook
A Huge Database of Facebook Users’ Phone Numbers Found Online (techcrunch.com) 27
Sure, Facebook (Score:4, Interesting)
by Empiric ( 675968 ) on Wednesday September 04, 2019 @04:21PM (#59158558)I took Facebook’s “Add your phone number to secure your account” recommendation as seriously as their implying that the other “privacy settings” controls were actually hooked up to anything on the back end, as far as mass-selling of my data to whoever wants to buy it was concerned.And here we are.
- Fallacy step one… using the terms “facebook” and “secure” in the same sentence and assuming they relate to you in the slightest.
“Your Privacy” is a notion contrary to their business model of selling information about you. It’s really that simple. I took Facebook’s “Add your phone number to secure your account” recommendation as seriously as their implying that the other “privacy settings” controls were actually hooked up to anything on the back end, as far as mass-selling of my data to whoever wants to buy it was concerned.
And here we are.
I bet that unclear thing is going to get moderated “insightful” on the first post effect.
My obvious querulous comment about the story: What I was looking for was a way to check to see if I was included.
Yes, I know it’s tricky to do it in a secure way. Maybe search on 1/3 of a user name against 1/3 of a possible phone number? Then you would need some sort of identity check to confirm you were actually one of the candidates and not some hacker trying to scrape more phone numbers…
Or maybe it would be suffici
Does Facebook have your phone number? Then you’re pwned. (Probably)
113 million Americans is about half the adult population. That seems like a reasonable upper bound on the number of people who would have a Facebook account and tie it to a phone number. I don’t see any reason to believe the fraction of phone numbers leaked in this database is less than “all of them”.
- by shanen ( 462549 )
I’m not in the States, but I still agree with the premise of your first paragraph.
I actually think 2-factor identification is, in theory, a good thing. In practice, Facebook. Checking on my phone, I also see the google, LinkedIn, something unknown (and some I prefer to skip), WhatsApp (and another app of that type), some store, Apple, and… Any or all of them might get hacked, or maybe the phone company in between.
I think the question of how to tell if your personal information has been stolen is actually
Sorry if I ruined your day.
For what it’s worth, my sig is both more unclear, and more insightful.
Z^-1
- Those used to be delivered to people’s doorsteps. Is that considered bad now?
IMHO it’s good Facebook leaked it. I’d rather that data be public, than a Facebook monopoly.
With the old phone books, opting out actually worked.
You had to pay to be unlisted. At least that’s how it was with Bell Atlantic back in the day.
No, we didn’t pay for unlisted in college – we listed the number in a fictitious person’s name.
The name was frequently a mnemonic, when a friend asked for your number you could say a “name” that was VERY easy to remember, they could call 411 for it. Yea, 411Oh well its Facebook today. Makes me have fond memories.
“Back in the day” you didn’t show id to get a phone line.
- I had trouble getting a prepaid credit card activated back in 2004 because “9/11 and Patriot Act”. They were happy to take my money, but they sure as hell didn’t want me to use it. It was only a small amount, about 40$. The TSA feeling up little girls won’t do shit to stop a terrorist outside of an airport downing a jetliner taking off with an RPG. I think the public is slowly waking up and seeing security theater for what it is.
- Yes, it is considered “bad” to have your phone number distributed without your consent, and has been for a long time.
https://en.wikipedia.org/wiki/… [wikipedia.org]
Historically access to this information has been controlled to a limited group that “needs to know” (police, emergency services, etc.). Nowadays, people just use Google to do reverse lookups. But in that case, as far as I’m concerned, someone who calls you (spammer, marketer, or otherwise) implicitly consents to you knowing who they are.
- by skids ( 119237 )
Is that considered bad now?
It is if you can use the alleged “phone number” to reset someone else’s account password.
(Which reminds me, remember back in the days when there were online reverse phone lookups that didn’t run you around a maze of advertising windows and try to get you to sign up for a premium account?)
- I hate those ‘services’. They fuck with you and try to milk you dry and then punch you in the face by saying “you must pay to view this listing”. They even have fake “searching data bases” status bars to waste your time. I wouldn’t give those assholes my CC# anyway. Anybody who resorts to those tactics are more than happy to sell your info to identity theft rings.
- At what point will posting things online being “exposed” stop being news? Hint: there is no “on line” security.
At what point will posting things online being “exposed” stop being news? Hint: there is no “on line” security.
I think that’s a defeatist attitude. Sadly true as things stand, but are you unable to imagine any solution approach?
I can. Simply agree that your personal information belongs to you. Unauthorized possession of your personal information becomes a crime, no matter what the reason. Any business possessing a million people’s information without their permission is charged with a million counts. It doesn’t matter if the affected people are ignorant of the unauthorized possession because it would already be a cr
And yet the suits don’t get to go to jail. At most, it will be lower level employees because they have “fall guy” in their unwritten job description.
Of course, we need to continue to let them lock us up (our devices) because they are Trustworthy,
- Personal information should be worth more than a music track.
Start privacy fines at $20,000 per person and levy the fines against the top 100 shareholders and then see how corporate policy changes.
I don’t have 2-factor on my FB account, I figure the less data they have the better. But once upon a time I did accidentally sync my addressbook with FB — so everyone’s phone# might be out there now !!
- Just another reason to Fuck the Zuck. Preferably with a large broom handle covered in fish hooks and smothered in Smack My Ass & Call Me Sally (https://www.delish.com/food/g27320819/hottest-hot-sauces/ ).Might want to add some sandpaper, salt, and alcohol to the mix.
- Well, you deserve what you get. ANY time a website, other than work, bank, doctor etc…wants my phone number, I give them my OLD landline number, which I dropped about 2001.
So now anyone with this database knows just which phone number to “borrow” to take over an account with 2FA enabled.
This means that 2FA has just been rendered moot to anyone able to break into your account primary password/security questions/linked e-mail account.
Sweet!Or maybe it forces them to use real 2fa and not a txt message ? Like I dunno, one of the many apps available, or possibly the damn google authenticator ?
- Hey, how about we set up a Kickstarter to fund a robocall campaign to call everyone on that database & play them a message in the voice of Mark Zuckerberg? Whaddaya think? What message should we play to them?
There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.
Related Links Top of the: day, week, month.
- 974 commentsFacebook Bans Alex Jones, Yiannopoulos, Other Far-Right Figures
- 940 commentsCloudflare Terminates 8chan
- 774 commentsJordan Peterson Announces Free Speech, Anti-Censorship Platform ‘Thinkspot’
- 729 commentsFacebook Employees Outraged Over Exec’s Appearance at Kavanaugh Hearing
- 719 commentsAnti-Tesla Pickup Truck Drivers Take Over a Supercharger Station — Again
Slashdot Top Deals
- Get more comments
- 27 of 27 loaded
There are bugs and then there are bugs. And then there are bugs. — Karl Lehenbauer
