Yesterday I met a total stranger online and I had a chat with him. Normally I chat with a lot of foreign people because it is good to know people around the world and It will help me to improve my english skills as well. In the chat I asked him whether he is in Facebook. I got an amazing answer. “Who wants to be a part of a crap” and he said Facebook security is really poor. I was a strong believer of Facebook security and I have around 150 photos of mine in Facebook. So, I challenged him to prove it.

He asked for my Facebook userid and I gave it to him because I knew there is nothing he could do with it. After few minutes he gave me a link and it was a direct link to one of  my photos which have access permission as friends only. In front of my eyes Facebook security got breached. And I asked from him how the hell he did it???. He explained me the process. But I couldn't get much more technical information as he was not willing give those informations to me.

1. In Facebook they have a special file storing mechanism to store the image files uploaded by the users.(Facebook Content Delivery Network)
2. Hackers have exploited this mechanism and they have all the algorithms to manipulate this file structure/system. 
3. Within few  minutes time they can generate all the links for a particular Facebook user and after that they can take those photos out without access privileges.

And there is a terrible thing he told me. As per him, He doesn't have a proper job and he is earning money by selling the photos garbed from Facebook and selling fake Facebook accounts to 3rd party people. I asked for the reasons why those people buying those photos from him and his answer was it is non of his problem why they need those.

I will try to keep talking to him and get some more technical information on this and I too want to figure this out my self because I have a felling of shamed because someone hacked me and accessed my private photos.

As a conclusion I would like to give some instructions on Social Networking.

1. Don't add unknowns to your friend list unless you know that particular person in physical context or you have proper reasons to trust him/her.
2. Limit the image uploading as much as you can and girls better not uploading any images. (They may using those grabbed images for illegal things and pornography.)
3. Set your profile as a Private Profile where only friends and hackers can access it. (I guess this is the truth)
4. Limit adding  3rd party applications to your profile. They may leak out your informations. 
5. Don't become a member of each and every Fan Club and Pages. Use selected set from them. 
6. Don't use Social Networking sites for Dating. Use them just to keep in touch with your friends.  

TrackBack URI for this entry

Comments (2)

Subscribe to this comment's feed

The truth it is.
written by Tanish , November 07, 2009

Nice tip Heshan
I'm also a Sri lankan Student (just finished AL n waiting for results) and I got into FB to keep in touch with my friends as most people use FB these days.

About adding friends, I think U have a point, My friends seems to have hundreads of friends _they don't know_ I find this silly.Best thing to do is to clean-up your friend list at least once a month and use FB's Friends LIST feature to organize friends.

Report Abuse

Vote Down

Vote Up

Votes: +0

Thank You
written by Priyankara , July 31, 2009

Dear Heshan,
Tnk u 4 very essentioal advice regarding the facebook.
I am layman for IT field.

Report Abuse

Vote Down

Vote Up

Votes: +1