May 082010
 May 8, 2010  Posted by  Breaches, Featured News, Online

Xeni Jardin reports on BoingBoing:

….  Facebook base64-encodes your IP address in every emailed event that you interact with.

Matt C. at Binary Intelligence Blog explains that Facebook’s automated email notifications (which go out when, say, a friend comments on your status or sends you a message) appear to contain the IP address of the user who caused that Facebook email to be sent:

The email headers contain a line similar to:
X-Facebook: from zuckmail ([MTAuMzAuNDcuMjAw])Copy this line out and feed it to this page:

You will get the IP address of your friend and clicking on it will get a geolocation-based map. This will also show you if your friend used their cell phone to post and who they use as their service provider.

This information is great when a fugitive is taunting law enforcement through their Facebook page, but not when a wife is trying to hide from an abusive husband and assumes Facebook is the best form of communication.

Thanks to the reader who sent in this link..

Elsewhere, the New York Times invites readers to submit privacy questions for Facebook which they will submit to Facebook and then publish Facebook’s response.

And Ryan Singel of Wired declares that Facebook has gone rogue, and calls for an open alternative to Facebook.

The FTC is reportedly taking a complaint filed by 14 privacy groups against Facebook seriously. Because this site is published pseudoanonymously, was not a signatory to the complaint, but this site also calls on the FTC to take firm action against Facebook for its deceptive practices and for unilaterally changing users’ privacy controls without allowing adequate notice and time to consent or not consent to such changes. But even if the FTC does take firm action, perhaps the most effective consequence still resides with users. When enough users start deleting their profiles and stop using the service, maybe then Facebook will “get it.”

Sorry, the comment form is closed at this time.